spring-saml

Signature trust establishment failed for SAML metadata entry

十年热恋 submitted on 2020-01-10 10:09:05
Question: In order to fetch metadata from a remote source, I defined an ExtendedMetadataDelegate bean as follows: @Bean @Qualifier("replyMeta") public ExtendedMetadataDelegate replyMetadataProvider() throws MetadataProviderException { String metadataURL = "https://ststest.mydomain.it/FederationMetadata/2007-06/FederationMetadata.xml"; final Timer backgroundTaskTimer = new Timer(true); HTTPMetadataProvider provider = new HTTPMetadataProvider( backgroundTaskTimer, httpClient(), metadataURL); provider

Key with alias xxx doesn't have a private key with Spring SAML

吃可爱长大的小学妹 submitted on 2020-01-04 06:49:11
Question: I'm trying to test this sample application (https://github.com/deeprot/spring-saml-adfs), it's a simple Spring SAML Sample application, with my environment, so, I have this error: SEVERE: Servlet.service() for servlet [default] in context with path [/spring-security-saml2-sample] threw exception java.lang.RuntimeException: Key with alias XXXX doesn't have a private key I imported the CER file of the IDP system in my KeyStore, but, I don't have a private key for this CER. Any idea? The LOG:

Spring Security SAML One Login Global Single Logout LogoutRequest Parsing Issue

时光怂恿深爱的人放手 submitted on 2020-01-03 03:02:28
Question: I am implementing Spring Security SAML with One Login. I have set all the configuration files and meta data is set. I am able to get login to work and logout is working if I log off from the same application I logged in. In this scenario from SAML IDP I get LogoutResponse and Spring Security is able to parse and process it. http://localhost:8080/web/saml/SingleLogout?SAMLResponse=.............. Problem is when I login in two applications, currently I login to One Login admin console, there is a

SpringSecurity-SAML(OpenSAML): Failed to unmarshall assertion: getting org.w3c.dom.DOMException: WRONG_DOCUMENT_ERR

馋奶兔 submitted on 2020-01-03 00:50:27
Question: Using spring-security-saml for handling assertions from IDP, getting below error after server is up for 1 to 2 hours. Issue is not reproducible all the time. By looking at stacktrace, issue seems to be related to parser pool used in spring saml configuration. Please share any thoughts. library versions: opensaml 2.6.1 spring-security-saml2 1.0.0.RELEASE parser pool config: <bean id="parserPool" class="org.opensaml.xml.parse.StaticBasicParserPool" init-method="initialize"> <property name=

unable to generate SAML metadata file

扶醉桌前 submitted on 2019-12-31 05:34:29
Question: I'm using AngularJS and spring security in a web application. We were using the basic authentication and now we are trying to put in place SAML for SSO login. As we are using Java based annotation I tried to follow this example, I just added the securityConfig part to my application with also loadUserBySAML service. I also configured my ADFS service in active directory and generated the federationmetadata.xml file, however, I wasn't able to generate the metadata.xml file. When I try http:/

configuring saml-sample (SP) to work with Okta (IdP)

女生的网名这么多〃 submitted on 2019-12-30 05:09:46
Question: Okta is an IdP for SAML logins. I have a super-admin user of Okta. I try to use Spring's saml-sample project as my SP (service-provider). When I configure it (spring-saml-sample) in the Okta system, I need to supply some data on my SP, such as "post back URL", "recipient" and "audience restriction". After sniffing in Okta's docs, I found this: Audience Restriction – This is the entity id of the Service Provider. It will be provided by the SP and must match exactly. Consult the SP

HttpSession returned null object for SPRING_SECURITY_CONTEXT

99封情书 submitted on 2019-12-30 04:37:08
Question: I'm trying to integrate the Spring Saml library in a sample web application, using Shibboleth as IDP. I'm able to load the login page, to login and to show the index page. The problem is that when I click on other links the webapp redirects me to the login page, then the IDP recognizes me and redirects to the requested page (if the network is fast it's very difficult to see this). It's like I'm not logged in for Spring security. I checked the log and I found this: org.springframework.security

Spring SAML integration with WSO2 Identity server, SAML Message ID not recognised

浪尽此生 submitted on 2019-12-29 06:24:08
Question: I have taken the Spring SAML example (see section 4.2 in this guide) which works with the Open source login page SSO, and tried to add support to use WSO2 Identity Server as an additional IDP service. To do this I changed the spring SAML sample project by adding a metadata xml file for IS, and added an entry for the IS metadata to the securityContext.xml. On running the spring application I now get presented with an option to login using IS, and I can successfully log in on WSO2 when I'm

Spring SAML integration with WSO2 Identity server, SAML Message ID not recognised

丶灬走出姿态 submitted on 2019-12-29 06:24:03
Question: I have taken the Spring SAML example (see section 4.2 in this guide) which works with the Open source login page SSO, and tried to add support to use WSO2 Identity Server as an additional IDP service. To do this I changed the spring SAML sample project by adding a metadata xml file for IS, and added an entry for the IS metadata to the securityContext.xml. On running the spring application I now get presented with an option to login using IS, and I can successfully log in on WSO2 when I'm

Authenticating rest endpoints and the UI using Okta

断了今生、忘了曾经 submitted on 2019-12-25 08:04:28
Question: We have a Java 8 backend application using Spring Boot with an embedded Jetty server. The UI for the application is a Single Page Application built using React. Currently I have enabled authentication by integrating with Okta using the spring security SAML extension. When the assertion is posted by Okta to my app, I create a session and the JSESSIONID is sent in the cookie. This was fine until now when we had a very simple UI serving few UI components. However, now we have several REST