问题
I am using Spring security SAML 1.0.3 Release version. I figured out a problem that if we upload a certificate for the IDP it does not get reflected in the Spring SAML. The problem seems to be with MetadataCredentialResolver where there is a cache Map
Map<MetadataCacheKey, SoftReference<Collection<Credential>>> cache;
It is picking the certificate from the cache and hence the newer uploaded cert is ignored. Is there a way I can reset the cache?
回答1:
I think the way to get rid of cache is to override a class and make it set the values to null for all the cache related calls:-
@Override
protected Collection<Credential> retrieveFromCache(MetadataCacheKey cacheKey)
{
//return null and let it fetch from metadata
return null;
}
@Override
protected void cacheCredentials(MetadataCacheKey cacheKey,
Collection<Credential> credentials) {
//do not put anything into cache
}
来源:https://stackoverflow.com/questions/60006262/spring-saml-security-certificate-caching-issue