XML-based configuration for Spring SAML2 #9138
Comments
Looks similar to #8685.
Hello, is there a sample XML, as we are moving from the Spring SAML extension to spring-security 5.7.2 or 5.7.3?
Hi @gspadmapriya. Yes, there is this sample https://github.com/spring-projects/spring-security-samples/tree/5.7.x/servlet/xml/java/saml2/login-logout and also the migration guide that may help you with the migration.
Is there any extensive example in XML, as I have to replace the current
configuration of Saml2entrypoint, metadata filter, extended metadata
delegate?
Also looking for multitenancy XML examples of relying party repositories,
resolvers, etc.
Thank you, any help is much appreciated!
…On Tue, Aug 23, 2022 at 10:06 AM Marcus Hert Da Coregio < ***@***.***> wrote:
Hi @gspadmapriya <https://github.com/gspadmapriya>.
Yes, there is this sample
https://github.com/spring-projects/spring-security-samples/tree/5.7.x/servlet/xml/java/saml2/login-logout
and also the migration guide
<https://github.com/spring-projects/spring-security/wiki/SAML-2.0-Migration-Guide>
that may help you with the migration.
For now, there is no extensive sample showing the XML configuration. The work on the migration guide and further examples are now paused since we have a lot on our plate with the upcoming major releases. I'd suggest that you read the migration guide and also the reference docs to see the differences; if there is something that you cannot figure out, please open an issue and let's see how to improve that.
I am creating a custom RelyingPartyRegistrationRepository, where I am giving, as in the Spring doc:

```java
RelyingPartyRegistration registration = RelyingPartyRegistration
        .withRegistrationId("example")
        .assertingPartyDetails(party -> party
                .entityId("https://idp.example.com/issuer")
                .singleSignOnServiceLocation("https://idp.example.com/SSO.saml2")
                .wantAuthnRequestsSigned(false)
                .verificationX509Credentials(c -> c.add(assertingPartyCredential()))
        )
        .build();
inMemoryRelyingPartyRegistrationRepository = new InMemoryRelyingPartyRegistrationRepository(registration);
```

It's OK not to give a private key for the relying party, right? I am trying with the minimal configuration required to create a custom repository.

But when this custom class is instantiated as a bean, I am getting this exception:

```
Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'saml2RelyingPartyRegistrationRepository': Unsatisfied dependency expressed through field 'privateKey'; nested exception is org.springframework.beans.ConversionNotSupportedException: Failed to convert value of type 'java.lang.String' to required type 'java.security.PrivateKey'; nested exception is java.lang.IllegalStateException: Cannot convert value of type 'java.lang.String' to required type 'java.security.PrivateKey': no matching editors or conversion strategy found
```

Any help will be appreciated, thanks
You can see an example of a
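An added example, not from the thread or from the Spring Security project: the exception quoted above reports a `String` value being bound to a `java.security.PrivateKey` field with no conversion strategy available, so one option is to parse the PEM text explicitly and pass the resulting key to the registration. The class name `PemPrivateKeyLoader` is hypothetical, an unencrypted PKCS#8 RSA key is assumed, and the sample key is generated at runtime.

```java
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;

// Hypothetical helper (added example): turns PKCS#8 PEM text into a PrivateKey.
public class PemPrivateKeyLoader {

    private static final String HEADER = "-----BEGIN PRIVATE KEY-----";
    private static final String FOOTER = "-----END PRIVATE KEY-----";

    // Accepts only unencrypted PKCS#8 ("BEGIN PRIVATE KEY"). PKCS#1
    // ("BEGIN RSA PRIVATE KEY") and encrypted keys are rejected up front
    // instead of failing later with an opaque parsing error.
    public static PrivateKey fromPkcs8Pem(String pem) throws Exception {
        String trimmed = pem.trim();
        if (!trimmed.startsWith(HEADER) || !trimmed.endsWith(FOOTER)) {
            throw new IllegalArgumentException("Expected an unencrypted PKCS#8 PEM private key");
        }
        String base64 = trimmed
                .substring(HEADER.length(), trimmed.length() - FOOTER.length())
                .replaceAll("\\s", "");
        byte[] der = Base64.getDecoder().decode(base64);
        return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(der));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: a throwaway key generated here and PEM-encoded,
        // standing in for the relying party's key file.
        KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
        generator.initialize(2048);
        KeyPair pair = generator.generateKeyPair();
        String body = Base64.getMimeEncoder(64, new byte[] {'\n'})
                .encodeToString(pair.getPrivate().getEncoded());
        String pem = HEADER + "\n" + body + "\n" + FOOTER + "\n";

        PrivateKey parsed = fromPkcs8Pem(pem);
        boolean same = Arrays.equals(parsed.getEncoded(), pair.getPrivate().getEncoded());
        System.out.println(parsed.getAlgorithm() + " key round-trips: " + same);
    }
}
```

The returned key can be passed to `Saml2X509Credential.signing(privateKey, certificate)` and added through `signingX509Credentials(...)` on the `RelyingPartyRegistration` builder.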
Hello
Earlier we used to extend the class SAMLContextProviderImpl to wrap it for
load balancer. So is that taken care of in 5.7.3 and opensaml 4?
If not, what is the equivalent class that needs to be extended?
Thank you
…On Fri, Aug 26, 2022 at 7:48 AM Marcus Hert Da Coregio < ***@***.***> wrote:
You can see an example of a RelyingPartyRegistration configuration with
its certificates here
<https://github.com/spring-projects/spring-security-samples/blob/5.7.x/servlet/spring-boot/java/saml2/login-single-tenant/src/main/java/example/SecurityConfiguration.java>,
it may help you since you are having problems with conversion to a private
key.
Context
In our current project we've been using spring saml extension for a couple of years. It works fine so far, except this extension isn't supported anymore. Right now we are planning to migrate to the Spring Security native implementation instead of using the outdated extension. We don't have Spring Boot and all our configs for Spring Security are XML-based. Is there any information about migration for existing users and, what's more important, some examples of XML-based configuration without Spring Boot?
Expected Behavior
Would be awesome to have:
Current Behavior