spring-saml

We are using ADFS as an IDP and our application acts as SP. Below is a sample Auth response <?xml version="1.0" encoding="UTF-8"?> <Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_82062d3d-897f-473e-90ad-0bb351d63b22" IssueInstant="2015-04-29T20:39:17.240Z" Version="2.0"> <Issuer>http://adfs/services/trust</Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> <ds:Reference URI="#_82062d3d

I'm trying to integrate Spring Security SAML Extension with Spring Boot . About the matter, I did develop a complete sample application. Its source code is available on GitHub: spring-boot-saml-integration on GitHub By running it as Spring Boot application (running against the SDK built-in Application Server), the WebApp works fine. Unfortunately, the same AuthN process doesn't work at all on Undertow/WildFly . According to the logs, the IdP actually performs the AuthN process: the instructions of my custom UserDetails implementation are correctly executed. Despite the execution flow, Spring

I'm using AngularJS and spring security in a web application. We were using the basic authentication and now we are trying to put in place SAML for SSO login. As we are using Java based annotation I tried to follow this example , I just added the securityConfig part to my application with also loadUserBySAML service. I also configured my ADFS service in active directory and generated the federationmetadata.xml file, however, I wasn't able to generate the metadata.xml file. When I try http://localhost:8080/myapp/saml/metadata I get 404 not found. I'm sure that I've missed something, but what?

When I get SAML Assertion from Identity Server, DigestValue and SignatureValue are empty :\ Assertion: <?xml version="1.0" encoding="UTF-8"?><saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="lhgklipdcdifghfbehlmdbbghndlgdpbdeggppjd" IssueInstant="2016-12-28T10:22:35.668Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">localhost</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc

I upgraded Spring Security from 3.2.5.RELEASE to 4.0.0.RELEASE and I'm getting the following error javax.servlet.ServletException: Filter execution threw an exception at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:255) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.granite.messaging.webapp.AMFMessageFilter.doFilter(AMFMessageFilter.java:117) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) at org.apache.catalina.core.ApplicationFilterChain

I followed chapter 12.0 instructions about using spring with adfs as IdP from here : http://docs.spring.io/spring-security-saml/docs/1.0.x-SNAPSHOT/reference/pdf/spring-security-saml-reference.pdf But I have an exception when I test the SSO : org.opensaml.common.SAMLException: NameID element must be present as part of the Subject in the Response message, please enable it in the IDP configuration I added the rule NameID as described in the document. We use ADFS 3.0 on a server and Tomcat on another Linux server, but I don't think it has an impact on this... I can't find a way to resolve it, is

I'ld like to implement SSO using SAML 2.0 in my web applications. I have seen spring-security-saml and example of spring boot application . There are a couple of things I wanted to know after I went through the sample: Is it possible to take Idp Url and certificates at run time and use spring saml to validate against that Idp ? ( So essentially I do not want to predefine any of the Idp related details and take an input from admin user to configure Idp ) Is metadata of Idp a necessary field or Is it possible that if IDP is not reachable directly from the SP then also it can just create a