My intention is to implement with PicketLink something similar to what Atlassian has done in Crowd.
In more detail, I want single PicketLink instance to provide authentication, authorization, SSO and IdM services to multiple Java EE applications. The point here is to have a single place for JPA/LDAP configuration, custom IdM model and custom authenticators (all the above will be shared between client applications).
As far as I've learned from the documentation, PicketLink doesn't offer this out of the box. I would imagine client applications using PicketLink APIs, but the actual calls being proxied to master PicketLink instance via RMI/Hessian/REST etc. I would appreciate any expert opinion on whether this architecture will be viable, as well as any other criticisms and suggestions.
Aucun commentaire:
Enregistrer un commentaire