spring-saml

Configure POST ProtocolBinding in Spring Security SAML authentication request

青春壹個敷衍的年華 submitted on 2019-12-04 08:48:20
Spring Security SAML insists on requesting the Artifact binding in the SAML authentication request (ProtocolBinding attribute): <saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="http://sp.com/saml/SSO/alias/defaultAlias" Destination="https://idp.com/idp" ForceAuthn="false" ID="a4acj06d42fdc0d3494h859g3f7005c" IsPassive="false" IssueInstant="2012-12-05T17:07:18.271Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Version="2.0" > How can I configure POST binding instead? Thanks for any answers! -- Andreas Thanks nobby and

How to add new idp metadata in spring-SAML at runtime

烈酒焚心 submitted on 2019-12-04 04:50:06
I am integrating spring-security-saml extension to support SSO in my web-application, my application should allow different customers to add their IDP metadata and their certificate to my webapp (which is an SP) so that my webapp can initiate SSO against their idp. Right now I am defining a "metadata" bean in my java config where in I add the idp metadata to CachingMetadataManager. But this happens only once, I am not able to figure out how do I add a new idp metadata to MetadataManager at runtime (without re-starting my app). Can I just get the metadata bean from spring ApplicationContext and

Spring SAML Extension and Spring Security CSRF Protection Conflict

本小妞迷上赌 submitted on 2019-12-04 03:58:37
We have a Spring MVC (4.0.5) application with Spring Security (3.2.4) which includes CSRF protection which works fine. We are now adding the SAML security extension (spring-security-saml2-core 1.0.0) which causes an issue with CSRF protection. The metadata has been configured on SSOCircle and trying to access http://localhost:8080/myapp directs to the login page on SSOCircle. After authentication, the browser redirects to http://localhost:8080/myapp/saml/SSO and generates an error: HTTP Status 403 - Expected CSRF token not found. Has your session expired? If we turn off CSRF protection,

Spring SAML - Reading and refreshing IdP metadata at runtime

元气小坏坏 submitted on 2019-12-03 21:18:29
I am using WSO2 and SSOCircle with the Spring-SAML extension. We are testing configurations at this time and have defined 2 IdP's and 2 SP's within our applicationContext. So, currently, we have 2 statically defined IdP's within our spring xml config and this is working. For testing purpose we are using the combination of CachingMetadataManager and ResourceBackedMetadataProvider so the IdP metadata is built inside of our WAR archive. Sample: <bean id="metadata" class="org.springframework.security.saml.metadata.CachingMetadataManager"> <constructor-arg> <list> <bean class="org.springframework

Configuring Spring SAML for SSO with PingFederate

二次信任 submitted on 2019-12-03 16:27:44
We have decided to use Ping Federate to be our SSO solution. I have searched many examples but have not found a spring configuration that clearly describes how I need to set up my SP and/or IdP on the PingFederate side. I have not found a Spring document that describes what I need exactly to implement this. Any help, much appreciated. Currently there's no step-by-step guide on establishing federation between Spring SAML and Ping, but the steps are very similar to what's described in the quick start guide of Spring SAML. The best approach is to start with the sample application included inside

can I implement both SAML and basic spring security within an application?

时光总嘲笑我的痴心妄想 submitted on 2019-12-03 15:24:01
I have a requirement for our application where we need to implement Spring SAML within our app to enable federated SSO for one customer. However, we need to maintain the existing login flow using spring-security for other customers. So my question is: can we have two security mechanisms for a web application so that it will be treated as multi-tenancy? Can I implement OAuth and SAML in the same application? Thanks in advance. Yes, you can combine your existing password authentication with SAML. See the sample application of Spring SAML for details - it contains both of the methods combined. It is also

How to configure IDP metadata and SP metadata in the Spring Security SAML sample?

吃可爱长大的小学妹 submitted on 2019-12-03 08:28:49
I want to deal with Spring Security SAML. For this, I started to explore Spring Security SAML. At the beginning, I created an account at SSOCircle. Then I configured the IDP metadata and the generation of SP metadata (4.2.2 and 4.2.3). At entityId I set: <bean id="metadataGeneratorFilter" class="org.springframework.security.saml.metadata.MetadataGeneratorFilter"> <constructor-arg> <bean class="org.springframework.security.saml.metadata.MetadataGenerator"> <property name="entityId" value="http://idp.ssocircle.com"/> </bean> </constructor-arg> </bean> When I start the application, I have: Error occurred

IDP initiated SAML login error - Authentication statement is too old to be used with value

二次信任 submitted on 2019-12-03 08:20:03
Question: We are using ADFS as an IDP and our application acts as SP. Below is a sample Auth response <?xml version="1.0" encoding="UTF-8"?> <Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_82062d3d-897f-473e-90ad-0bb351d63b22" IssueInstant="2015-04-29T20:39:17.240Z" Version="2.0"> <Issuer>http://adfs/services/trust</Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> <ds

Spring SAML - how to remember request parameters when initiating login on SP, and processing them after IdP response

谁说胖子不能爱 submitted on 2019-12-03 07:25:29
I want to remember the URL request parameters from the first request to my site (SP) and use them after the response from the IdP. I'm using the spring-saml extension and thinking about the relayState attribute, but can't find an example of how to build it with parameters from the request. I need that to redirect the user, after the SSO authentication process, to a target page (module of the application) depending on what was in the first request. Spring SAML sample application behaves like this out of the box. When a user hits a page which is protected by Spring Security and requires authentication, the system: remembers parameters which were used to invoke the

Spring Security on Wildfly: error while executing the filter chain

邮差的信 submitted on 2019-12-03 02:29:02
Question: I'm trying to integrate Spring Security SAML Extension with Spring Boot. About the matter, I did develop a complete sample application. Its source code is available on GitHub: spring-boot-saml-integration on GitHub. By running it as a Spring Boot application (running against the SDK built-in Application Server), the WebApp works fine. Unfortunately, the same AuthN process doesn't work at all on Undertow/WildFly. According to the logs, the IdP actually performs the AuthN process: the