How do I use PicketLink to propagate the SAML based security context from a web application to a backend REST application?

Solution In Progress - Updated -

Issue

We are trying to implement a SAML SSO application with the following architecture:

  browser --> web app --> rest app

We want the SAML security context to propagate from the web application to the backend REST service.

We were able to configure both the web app and the REST app as PicketLink protected Service Providers. However, when the web app tries to invoke the backend REST app, the REST app does not get invoked and instead a redirect to the IDP is returned to our REST client.

The same thing happens if we replace PicketLink with Spring SAML.

Environment

  • Red Hat JBoss Enterprise Application Platform
    • 6.x
