15.4. Configure STSIssuingLoginModule

download PDF
The STSIssuingLoginModule uses a user name and password to authenticate the user against an STS by retrieving a token.

Example 15.4. Configure STSIssuingLoginModule

<security-domain name="saml-issue-token">
            code="org.picketlink.identity.federation.core.wstrust.auth.STSIssuingLoginModule" flag="required">          <module-option name="configFile">./</module-option>
          <module-option name="endpointURI">http://security_saml/endpoint</module-option>
            type="principal" />
            type="role" />
Most configurations can switch to the configuration sited in the above example by:
  • changing their declared security-domain
  • specifying a Principal mapping provider
  • specifying a RoleGroup mapping provider
The specified Principal mapping provider and the RoleGroup mapping provider results in an authenticated Subject being populated that enables coarse-grained and role-based authorization. After authentication, the Security Token is available and may be used to invoke other services by Single Sign-On.
Red Hat logoGithubRedditYoutubeTwitter


Try, buy, & sell


About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.