Post has attachment

I been tried to implement an example with WS-Trust and JAX-WS Web Services, I found an example from 2013 [], but I do not have the right dependencies.

Anyone have an example that I could use??


Post has attachment

Hello everyone.
I'm trying to implement picketlink's security in my application, but I'm encountering some difficulties with the permission management. In the case, permissionManager.grant method doesn't save anything about the permissions.
Can the problem be that I'm integrating it with a custom identity model?
Can I ask you for assistance?
Thank you in advance for your answers.

Post has shared content
Together with new PicketLink 2.7.0.Final release, we would like to announce that PicketLink and Keycloak projects will be merging their efforts. Code base of both will get unified and new features will be developed in a single place.

As part of this merge all key features of PicketLink will get included into Keycloak. Combining strengths of both projects and providing their communities a single polished and unified security solution. Joining both efforts should enable faster progress on new features which will be beneficial for all users and developers leveraging those solutions. [...]

Full blog post here:

DZone link:

Additional FAQ:

[Announcement] PicketLink v2.7.0.Final has been released.

Please see
for more information.

Post has attachment
Partition vs. GroupMembership

Hi all, I am currently digging through all the details about the (great!) PicketLink framework. I was wondering for a typical application how would you solve the ownership of entities created by users?

Lets say you have an entity BlogEntry and users of the same company should be able to edit this BlogEntry.

Would you rather use partitions or groups to do this?
votes visible to Public
See comment :)

Do you think it makes sense to add the PATCH method in the HttpMethod enum so as to support partial updates with this method if the http security is enabled? 

Post has attachment

[Announcement] PicketLink v2.7.0.CR3 has been released. Please see for more information.

Post has attachment
After having read chapter 10 about privileges for application resources it left me with the following question: How can I - in an effective way - fetch a list of applications resources that the user has permission to see? E.g. in order to present a list of clients/projects/bank accounts/foobars in a user interface. The user could for example have permission to only see 1,000 out of 1,000,000.
Wait while more posts are being loaded