SAML Http Request Intercept with Spring Boot

Question

In reference to this SO question Add request parameter to SAML request using Spring Security SAML

I am wanting to replace the default HTTPRedirectDeflateBinding bean

Answer 1

I know this question is very old, but I struggled with this same exact issue. I'm adding the answer just in case it can help anyone else.

The httpRedirectDeflateBinding will get called only when GET binding is used. In my case we used POST binding for WebSSOProfileOptions. Our configuration looked like the following:

    @Bean
    WebSSOProfileOptions defaultWebSSOProfileOptions() {
        WebSSOProfileOptions webSSOProfileOptions = new WebSSOProfileOptions();
        webSSOProfileOptions.setIncludeScoping(false);
        webSSOProfileOptions.setAllowCreate(true);
        webSSOProfileOptions.setNameID("");
        webSSOProfileOptions.setForceAuthN(true);
        //This line is for enabling POST request
        webSSOProfileOptions.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
        return webSSOProfileOptions;
    }

In this case, the custom override should be for HTTPPostEncoder. Inject the custom class to HTTPPostBinding and the custom logic should get executed.