spring-saml

问题 How to configure spring saml sample application for adfs https idp url? I could successfully run the sample application using SSOCircle. Now, I am trying to use the client's ADFS url instead and I am getting the following exception: org.opensaml.saml2.metadata.provider.MetadataProviderException: No IDP was configured, please update included metadata with at least one IDP at org.springframework.security.saml.metadata.MetadataManager.getDefaultIDP(MetadataManager.java:781) at org

问题 Hi I am using spring boot 1.4.0+spring-security-saml2-core 1.0.2 with the help of following link Spring-Boot-Saml-example it is working great. Now i would like to create an in memory user with the same granted authorities that the SAML user is issued.Kindly find the below code of SAMLUserDetailsServiceImpl for reference.Your help should be appreciable. @Service public class SAMLUserDetailsServiceImpl implements SAMLUserDetailsService { // Logger private static final Logger LOG = LoggerFactory

问题 I am using Spring Security SAML to have my application act as an SP. I was able to have the end-to-end solution done. However, I am facing a problem when the user wants to access the application using more than one URL. I have configured my SP metadata with the Assertion Consumer Service URL to be mywebsite:8080/myapp/saml/SSO. The user can also access the application through the full domain name mywebsite.fulldomainname:8080/myapp/ If the user accesses the second URL, The SP application will

问题 I understand that the communication between IDP and SP is well defined in standard. I'm wondering what are the ways to make the custom communication happen between standalone SP and the actual application. I assume the standard ways exists, without reinventing the wheel my self. But even spring-saml security only talks about "custom mechanism" doesn't say what it is. Can someone point to me the right direction? I've searched but I'm surprised that it's not written anywhere blogs, tutorials

问题 In my project I am using Java, Spring security with the SAML extension. I have a need to display the SAML token to my logs when errors occur. I have overridden SimpleUrlAuthenticationFailureHandler and have provided my own implementation. I can examine the type of exception by looking at the object passed to public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) How can I retrieve the SAML token from within the body of

问题 I try to make a SP hosted on Google app engine, with a third party IdP, and I'm facing multiple problems. I'm using Spring SAML extension for java. I was able to run the stand alone (not in GAE) demo app, from the official guide http://docs.spring.io/spring-security-saml/docs/1.0.x/reference/html/chapter-quick-start.html using as IdP idp.ssocircle.com. Now my problem comes whey I tried to integrate this code in my GAE project. When running with GAE I can get to the phase where I'm redirected

问题 I've made an implementation based on this with a FilesystemMetadataProvider: https://github.com/vdenotaris/spring-boot-security-saml-sample To make the SSL handshake work for the artifact binding I had to put/trust the CA certificate for the IDP in the java keystore used by the keyManager. I would rather have used the cacerts on the jre in case the IDP changed CA, but I haven't been able to find any property to set so that Spring SAML looks inside that instead. Also this answer suggest that

问题 We are working on the development of micro services for our domain. We have a requirement to secure the micro services using SAML. I read through the SAML docs and see that there would an Identity provider to which we have register our application (SP) and also we should connect to IdP for authentication. I understand that we need to establish a circle of trust or federation between them. I tried using the Spring Security SAML extension and SSOCircle.com as IdP for authentication using the

问题 After spending good time in Spring security with SAML for ADFs login , I am became fan of framework. I was able to integrate my web application with ADFS for login. But I am missing few requirement here : 1) When we select IDP ADFS login url on my web application login page ,it is moving out of my web application to ADFS login. Which is not desire behavior for business. 2) Also faced problem that , as on successful login user object sent back to my web application from ADFS but in case of

问题 I am using spring boot 1.4.0+spring-security-saml2-core 1.0.2 with the help of following link Spring-Boot-Saml-example it is working great. Now i would like to disable the spring-saml security in my local environment(Local PC).It should work in DEV & Production environment.What is the minimal change i should do to disable the SAML security in spring-Boot? or is it possible to set default user who is having all the securities so that SAML won't do the security checks(This is my assumption).