spring-saml

I've implemented SSO using Spring SAML and everything is working fine. It worked with the following IDP's till now: 1) idp.ssocircle.com 2) openidp.feide.no Now I'm testing with salesforce.com as my Identity Provider. As there is no provision to upload Service Provider Metadata I've done the following configuration settings at its IdP: Gave my entityID and Assertion Consumer Service URL. I also uploaded my SP certificate. I've downloaded its metadata (idp metadata) which is as follows (hiding the sensitive information): <?xml version="1.0" encoding="UTF-8"?><md:EntityDescriptor xmlns:md="urn

In order to fetch metadata from a remote source, I defined an ExtendedMetadataDelegate bean as follows: @Bean @Qualifier("replyMeta") public ExtendedMetadataDelegate replyMetadataProvider() throws MetadataProviderException { String metadataURL = "https://ststest-replynet.reply.it/FederationMetadata/2007-06/FederationMetadata.xml"; final Timer backgroundTaskTimer = new Timer(true); HTTPMetadataProvider provider = new HTTPMetadataProvider( backgroundTaskTimer, httpClient(), metadataURL); provider.setParserPool(parserPool()); ExtendedMetadataDelegate emd = new ExtendedMetadataDelegate( provider,

I need to add a request parameter (e.g. locale=en) to the SAML request in order to let the login page display correct language. How do I do that? I tried to add the attribute to the HttpServletRequest sent as an argument to the commence method (SamlEntryPoint), but that doesn't seem to work. Any suggestions? SAML provides a standard mechanism for extending content sent in authentication requests - an Extensions element. In order to use it you will need to coordinate with your IDP on what data you send and in what format. In Spring SAML you can customize its content by extending class

I have taken the Spring SAML example (see section 4.2 in this guide ) which works with the Open source login page SSO, and tried to add support to use WSO2 Identity Server as an additional IDP service. To do this I changed the spring SAML sample project by adding a metadata xml file for IS, and added an entry for the IS metadata to the securityContext.xml. On running the spring application I now get presented with an option to login using IS, and I can successfully login in on WSO2 when I'm redirected to it. However the spring application throws an exception on the IS SAML response about it

I have generated testIdp.cer file by copying 509 entry of the IDP I am planning to connect. Then I created JKS file by executing the following command keytool -importcert -alias adfssigning -keystore C:\Users\user\Desktop\samlKeystore.jks -file C:\Users\user\Desktop\testIdp.cer When executed it has asked to enter a password for which I have given a password. For the question "Trust this certificate? [no]:", I have given "y" as input. Message came out as "Certificate was added to keystore". Then I have configured the following details in securityContext.xml <bean id="keyManager" class="org

I'm having an issue getting the Spring SAML integration to generate the correct metadata file for my IdP. I was issued new SHA256 SSL certs. I've gone through all of the steps to create the appropriate keyStore and have my Spring security configuration file all set. I am literally like 98% of the way there but there is one thing missing in the generated metadata file that I can't for the life of me figure out why it's not getting set. Here is my ExtendedMetadata config for MetadataGeneratorFilter: <bean id="metadataGeneratorFilter" class="org.springframework.security.saml.metadata

I'd like to implement a Single Sign-on (SSO) authentication layer in my Spring-based application with the aim of supporting authentication and authorization from different security domains. I've chosen Shibboleth as IdP, but I have yet to identify what I will use for the SP. The choices are: Spring Security SAML Extension: component enables both new and existing applications to act as a Service Provider in federations based on SAML 2.0 protocol and enable Web Single Sign-On. Spring Security Extension allows seamless combination of SAML 2.0 and other authentication and federation mechanisms in