How do I use PicketLink to propagate the SAML based security context from an web application to a backend REST application?

Solution In Progress - Updated -

Issue

We are trying to implement a SAML SSO appliacation with the following architecture:

  browser --> web app --> rest app

We want the SAML security context to propagate from the web application to the backend REST service.

We were able to configure both the web app and the REST app as PicketLink protected Service Providers. However, when the web app tries to invoke the backend REST app, the REST app does not get invoked and instead of redirect to the IDP is returned to our REST client.

The same thing happens if we replace PicketLink with Spring SAML.

Environment

  • Red Hat JBoss Enterprise Application Platform
    • 6.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.