 

Spring SAML - how to add custom fields on the SP HTTP request?

My service provider uses the HTTP-POST binding to send the request to the IdP. I need to add new fields to the form. Right now I'm sending "SAMLRequest" and "RelayState", but I also need to send "option" and "profile", which are fields required by our IdP. How can I accomplish this with Spring SAML Security?

user3754289 Avatar asked Feb 12 '23 03:02



1 Answer

You can include additional fields in the Extensions element of the SAML AuthnRequest message. To do so, you need to override the class WebSSOProfileImpl and configure your new implementation class in securityContext.xml. The Extensions element can be constructed, for example, like this:

package example;

import org.opensaml.common.SAMLException;
import org.opensaml.saml2.common.Extensions;
import org.opensaml.saml2.common.impl.ExtensionsBuilder;
import org.opensaml.saml2.core.AuthnRequest;
import org.opensaml.saml2.metadata.AssertionConsumerService;
import org.opensaml.saml2.metadata.SingleSignOnService;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.xml.schema.XSAny;
import org.opensaml.xml.schema.impl.XSAnyBuilder;
import org.springframework.security.saml.context.SAMLMessageContext;
import org.springframework.security.saml.metadata.MetadataManager;
import org.springframework.security.saml.processor.SAMLProcessor;
import org.springframework.security.saml.websso.WebSSOProfileImpl;
import org.springframework.security.saml.websso.WebSSOProfileOptions;

/**
 * Customization of the AuthnRequest generation.
 */
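public class WebSSOProfile extends WebSSOProfileImpl {

    /** Namespace URI of the custom element placed inside the AuthnRequest {@code Extensions}. */
    private static final String EXTRA_ELEMENT_NAMESPACE = "urn:myexample:extraAttribute";
    /** Local name of the custom element. */
    private static final String EXTRA_ELEMENT_NAME = "ExtraElement";
    /** Namespace prefix used when the custom element is serialized. */
    private static final String EXTRA_ELEMENT_PREFIX = "myexample";
    /** Text content of the custom element. */
    private static final String EXTRA_ELEMENT_VALUE = "extraValue";

    public WebSSOProfile() {
    }

    public WebSSOProfile(SAMLProcessor processor, MetadataManager manager) {
        super(processor, manager);
    }

    /**
     * Builds the AuthnRequest through the superclass and attaches a custom
     * {@code Extensions} element to it.
     *
     * <p>The extra data travels inside the SAML AuthnRequest XML (the
     * {@code Extensions} child), not as additional HTTP-POST form parameters;
     * the IdP has to read it from the request document. Because it is part of
     * the request, it presumably falls under the request signature when
     * request signing is enabled — confirm the IdP accepts and validates it.
     *
     * @param context           current SAML message context
     * @param options           options controlling the WebSSO profile
     * @param assertionConsumer assertion consumer service the response goes to
     * @param bindingService    single sign-on endpoint of the IdP
     * @return the AuthnRequest produced by the superclass with extensions set
     * @throws SAMLException             propagated from the superclass
     * @throws MetadataProviderException propagated from the superclass
     */
    @Override
    protected AuthnRequest getAuthnRequest(SAMLMessageContext context, WebSSOProfileOptions options, AssertionConsumerService assertionConsumer, SingleSignOnService bindingService) throws SAMLException, MetadataProviderException {
        AuthnRequest authnRequest = super.getAuthnRequest(context, options, assertionConsumer, bindingService);
        // setExtensions replaces any Extensions the superclass may already have
        // attached; merge with authnRequest.getExtensions() instead if that matters.
        authnRequest.setExtensions(buildExtensions());
        return authnRequest;
    }

    /**
     * Creates the {@code Extensions} element holding the custom child elements.
     * Override this, or {@link #buildExtensionElement}, to emit the elements
     * your IdP expects.
     *
     * @return a new {@code Extensions} element containing one custom child
     */
    protected Extensions buildExtensions() {
        Extensions extensions = new ExtensionsBuilder().buildObject();
        extensions.getUnknownXMLObjects().add(
                buildExtensionElement(EXTRA_ELEMENT_NAMESPACE, EXTRA_ELEMENT_NAME, EXTRA_ELEMENT_PREFIX, EXTRA_ELEMENT_VALUE));
        return extensions;
    }

    /**
     * Creates one custom element with the given qualified name and text content.
     * The namespace, name and prefix must match what the IdP is configured to
     * read; values taken from configuration or user input should be validated
     * against the IdP's expectations before being placed here.
     *
     * @param namespaceUri namespace URI of the element
     * @param localName    local (unqualified) name of the element
     * @param prefix       namespace prefix used on serialization
     * @param value        text content of the element
     * @return the populated element
     */
    protected XSAny buildExtensionElement(String namespaceUri, String localName, String prefix, String value) {
        XSAny element = new XSAnyBuilder().buildObject(namespaceUri, localName, prefix);
        element.setTextContent(value);
        return element;
    }

}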
Vladimír Schäfer Avatar answered Feb 15 '23 08:02
