spring-saml

I recently ran successfully the spring-saml-sample working with ADFS 2.0. However I noticed that ADFS only ask me once my user/pass, and then I can enter as many times I want but always with the same user (even when I did a global logout). Is seems there is a cookie or something stored locally that is sent to ADFS. What if I want to authenticate with a different user on the same machine? How can I configure saml-extension in order to force authentication again? SAML contains a mechanism for forcing IDP to re-authenticate user called forced authentication. You can enable it by setting flag

I'm using Spring Security SAML extension for integrating with the ACA healthcare (aka Obamacare) website. It uses IDP Initiated SSO. The SAML handshake fails with the following output org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider] Single certificate was present, treating as end-entity certificate org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver] Credentials successfully extracted from child {http://www.w3.org/2000/09/xmldsig#}X509Data by provider org.opensaml.xml.security.keyinfo.provider.InlineX509DataProvider org.opensaml.xml.security.keyinfo

I'm working on an java-based web application, implementing SSO using Spring Security SAML on a Tomcat server. This application would play the service provider role (SP). The default Spring URL to retrieve this SP's metadata is: https://www.server.com:8080/context/saml/metadata This works just fine, returning the metadata XML file as expected. However, I run into a problem when I add a DefaultServlet servlet-mappings to the web.xml. Even just something as basic as: <servlet-mapping> <servlet-name>default</servlet-name> <url-pattern>*.gif</url-pattern> </servlet-mapping> If one or more default

I am using spring-security-saml2 1.0.0.RELEASE. It works well and pretty good for me. But New requirement is rised. I need saml-token as string. can I get the saml-token as string. I find saml-token in log. But how to get the saml-token as string format? Good question, I've just added a new chapter to the Spring SAML manual which addresses this issue: Authentication assertion Assertion used to authenticate user is stored in the SAMLCredential object under property authenticationAssertion . By default the original content (DOM) of the assertion is discarded and system only keeps an unmarshalled

I have a Spring web application which uses Spring SAML and Spring Security to manage the login process. Now I need to do some tasks after the correct login occurs. In particular I have to store some data in the SecurityContext.getContext() object. I have never worked with Spring Security/SAML and I don't know how it manages the return from the IdP. Is there any place in the code where usually you can put your code after the login process ends correctly? I mean, I know where the redirect page is set but I cannot put my custom code in the Controller of this redirect page because that page is