Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Spring Boot and SAML 2.0

Tags:

spring

spring-boot

saml-2.0

Is there a way to integrate SAML 2.0 in a Spring Boot-based application? I'd like to implement my own SP and communicate with a remote IdP.

like image 758
vdenotaris Avatar asked Apr 18 '14 08:04

vdenotaris

People also ask

Does spring boot support SAML?

Spring SAML Extension allows seamless inclusion of SAML 2.0 Service Provider capabilities in Spring applications. All products supporting SAML 2.0 in Identity Provider mode (e.g. ADFS 2.0, Shibboleth, OpenAM/OpenSSO, Ping Federate, Okta) can be used to connect with Spring SAML Extension.

Is SAML 2.0 Obsolete?

SAML 2.0 was introduced in 2005 and remains the current version of the standard. The previous version, 1.1, is now largely deprecated.

2 Answers

I implemented a sample project in order to show how to integrate Spring Security SAML Extension with Spring Boot.

The source code is published on GitHub:

  • spring-boot-saml-integration on GitHub
like image 136
vdenotaris Avatar answered Oct 15 '22 19:10

vdenotaris

I recently released a spring boot plugin for this here. It is basically a wrapper around Spring Security SAML that allows for friendlier configuration through a DSL or config properties. Here's an example using the DSL:

@SpringBootApplication
@EnableSAMLSSO
public class SpringBootSecuritySAMLDemoApplication {

    public static void main(String[] args) {
        SpringApplication.run(SpringBootSecuritySAMLDemoApplication.class, args);
    }

    @Configuration
    public static class MvcConfig extends WebMvcConfigurerAdapter {

        @Override
        public void addViewControllers(ViewControllerRegistry registry) {
            registry.addViewController("/").setViewName("index");
        }
    }

    @Configuration
    public static class MyServiceProviderConfig extends ServiceProviderConfigurerAdapter {
        @Override
        public void configure(ServiceProviderSecurityBuilder serviceProvider) throws Exception {
            serviceProvider
                .metadataGenerator()
                .entityId("localhost-demo")
            .and()
                .sso()
                .defaultSuccessURL("/home")
                .idpSelectionPageURL("/idpselection")
            .and()
                .logout()
                .defaultTargetURL("/")
            .and()
                .metadataManager()
                .metadataLocations("classpath:/idp-ssocircle.xml")
                .refreshCheckInterval(0)
            .and()
                .extendedMetadata()
                .idpDiscoveryEnabled(true)
            .and()
                .keyManager()
                .privateKeyDERLocation("classpath:/localhost.key.der")
                .publicKeyPEMLocation("classpath:/localhost.cert");

        }
    }
}

That's basically all the code you need.

like image 30
Ulises Avatar answered Oct 15 '22 20:10

Ulises
Sign in to Comment

Related questions

spring yml file for specific environment
Spring Boot Executable Jar with Classpath
Does Spring embedded database support different SQL dialects?
Spring @Async ignored
Are Spring's MockMvc used for unit testing or integration testing?
Mocking a property of a CGLIB proxied service not working
How to setup Spring/Heroku/postgres SSL datasource
Mongodb Increment value inside nested array
HashMap returned by Maps.newHashMap vs new HashMap
mybatis IllegalArgumentException: Mapped Statements collection does not contain value
SpringServletContainerInitializer cannot be cast to javax.servlet.ServletContainerInitializer
How to convert MultipartFile into byte stream
exception handling for filter in spring
Configuration Error: deployment source '(projectname): war exploded' is not valid
Authentication error when accessing mongodb through Spring Boot app
Can I set a JDBC timeout for a single query?
Spring security multiple hasIPAddress antMatchers
Annotation based ServiceLocatorFactoryBean?
How does Spring for Python compare with Spring for Java
context:property-placeholder not working for multiple files

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!