发表新帖
发表新帖

Spring Security SAML + HTTPS to another page

后端 未结
关注
1 1468
刺人心
刺人心 2020-12-09 22:27

I created a project with Spring Security SAML.

I need to write a code (same project), which connects with another server by HTTPS POST with SOAP:
1条回答
  • 再見小時候
    再見小時候 (楼主)
    2020-12-09 22:42

    You are using bean TLSProtocolConfigurer which changes trusted certificates and hostname verification of the HTTPS protocol in the HTTP Client. You can revert behaviour of the HTTP Client back to defaults by removing this bean. You will then need to make sure that certificates used by entities from which you load metadata (https://idp.ssocircle.com/idp-meta.xml) are trusted in your cacerts, or use an endpoints without https (http://idp.ssocircle.com/idp-meta.xml).

    Alternatively, you can disable hostname verification by setting property sslHostnameVerification to allowAll on bean TLSProtocolConfigurer. You will also need to make sure that the HTTPS certificate of https://www.somepage.com (or its CA) is included in the samlKeystore.jks (see Spring SAML manual).

    You can find more details on the TLSProtocolConfigurer bean in the Spring SAML manual, chapter HTTP-based metadata provider with SSL.

    0 讨论(0)
 看不清?
提交回复
热议问题