
How to configure both Spring Security basic authentication and SAML authentication using spring-sample example within the same application

I have an application that uses Spring Security basic authentication, which validates user details against the database. There is a specific set of users who are validated against the SSO database. Using SAML, I was able to validate against the SSO database.

But the problem is how to integrate both basic authentication and SAML authentication in a single application and direct the user to a specific authentication. Another reason is that both use different authentication providers as well.

I have used the spring-saml example to configure SAML.

Another problem is with the intercept-url patterns. In the configuration below, both security configurations are not mapped with the pattern attribute, which causes an exception when the server is started, as there are two configurations mapped to /** (any request). How do I resolve this exception?

For example:

<security:http access-denied-page="/saml/web/metadata/login">
    <security:form-login login-processing-url="/saml/web/login" login-page="/saml/web/metadata/login" default-target-url="/saml/web/metadata"/>
    <security:intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <security:intercept-url pattern="/logout" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <security:intercept-url pattern="/home" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <security:custom-filter before="FIRST" ref="metadataGeneratorFilter"/>
</security:http>

<security:http pattern="/saml/mysignin" entry-point-ref="samlEntryPoint">
    <security:intercept-url pattern="/saml/mysignin" access="IS_AUTHENTICATED_FULLY"/>
    <security:custom-filter before="FIRST" ref="metadataGeneratorFilter"/>
    <security:custom-filter after="BASIC_AUTH_FILTER" ref="samlFilter"/>
</security:http>

<bean id="samlFilter" class="org.springframework.security.web.FilterChainProxy">
    <security:filter-chain-map request-matcher="ant">
        <security:filter-chain pattern="/saml/login/**" filters="samlEntryPoint"/>
        <security:filter-chain pattern="/saml/logout/**" filters="samlLogoutFilter"/>
        <security:filter-chain pattern="/saml/metadata/**" filters="metadataDisplayFilter"/>
        <security:filter-chain pattern="/saml/SSO/**" filters="samlWebSSOProcessingFilter"/>
        <security:filter-chain pattern="/saml/SSOHoK/**" filters="samlWebSSOHoKProcessingFilter"/>
        <security:filter-chain pattern="/saml/SingleLogout/**" filters="samlLogoutProcessingFilter"/>
        <security:filter-chain pattern="/saml/discovery/**" filters="samlIDPDiscovery"/>
    </security:filter-chain-map>
</bean>
SM KUMAR asked Oct 20 '22 01:10


1 Answer

The sample application in Spring SAML 1.0.0 contains both basic authentication with username and password and SAML-based authentication. Use it as an example.

Vladimír Schäfer answered Oct 23 '22 09:10
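One way to lay out the two chains so that only one of them is a catch-all, as an added example (not code from the original post or from the Spring SAML sample). It assumes Spring Security 3.1 or later, where several `http` elements are allowed; the bean names `samlAuthenticationManager`, `dbAuthenticationManager`, `samlAuthenticationProvider` and `dbUserDetailsService` are assumptions, while `samlEntryPoint`, `metadataGeneratorFilter` and `samlFilter` are the beans from the question.

```xml
<!-- Chain 1: handles only /saml/**. It must be declared before the catch-all
     chain, and its pattern has to cover every URL that samlFilter dispatches on
     (/saml/login/**, /saml/SSO/**, ...), not just /saml/mysignin. -->
<security:http pattern="/saml/**" entry-point-ref="samlEntryPoint"
               authentication-manager-ref="samlAuthenticationManager">
    <security:intercept-url pattern="/saml/mysignin" access="IS_AUTHENTICATED_FULLY"/>
    <security:custom-filter before="FIRST" ref="metadataGeneratorFilter"/>
    <security:custom-filter after="BASIC_AUTH_FILTER" ref="samlFilter"/>
</security:http>

<!-- Chain 2: no pattern attribute, so it matches /** (any request).
     Only one such chain may exist and it must come last. -->
<security:http authentication-manager-ref="dbAuthenticationManager">
    <security:intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <security:intercept-url pattern="/logout" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <security:intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY"/>
    <security:http-basic/>
</security:http>

<!-- SAML assertions are validated by this manager only (assumed bean names).
     The SAML processing filter beans take their authenticationManager as a
     bean property, so they must reference this id in their own definitions. -->
<security:authentication-manager id="samlAuthenticationManager">
    <security:authentication-provider ref="samlAuthenticationProvider"/>
</security:authentication-manager>

<!-- Username/password credentials are checked against the application
     database only (dbUserDetailsService is a hypothetical UserDetailsService). -->
<security:authentication-manager id="dbAuthenticationManager">
    <security:authentication-provider user-service-ref="dbUserDetailsService"/>
</security:authentication-manager>
```

Both chains store the security context in the same HTTP session, so `IS_AUTHENTICATED_FULLY` does not tell you which login method was used. If a URL must accept only SAML users, give the two providers distinct authorities and check those in `access`.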