0

I am implementing SAML2.0 ServiceProvider in java using spring-security-saml-sample code. After successful login response gets redirect to root path(welcome file) of application.How to redirect it to any controller ?

Thanks, Tejas

Peter
  • 405
  • 3
  • 6
  • 14

2 Answers2

1

You can customize URL to which user gets redirected after successful authentication by changing bean successRedirectHandler, for example to:

<bean id="successRedirectHandler"
      class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
    <property name="defaultTargetUrl" value="/myControllerURL"/>
</bean>
Vladimír Schäfer
  • 15,375
  • 2
  • 51
  • 71
  • I had added the above bean in securitycontext.xml file but it doesn't work.After adding this code, it redirects to welcome file mentioned in web.xml – Peter Sep 08 '14 at 06:04
  • Then enable logging on debug level and add logs from the whole SSO process to the question. – Vladimír Schäfer Sep 08 '14 at 06:29
  • I am getting following logs:- SAML protocol message was not signed, skipping XML signature processing - AuthNResponse;SUCCESS;0:0:0:0:0:0:0:1;http://localhost:8080/ServiceProvider/saml/metadata;http://idp.ssocircle.com;tejas.chougule@xxxxx.in;; authentication org.springframework.security.providers.ExpiringUsernameAuthenticationToken@4a5c013f: Principal: tejas.chougule@xxxx.in; Credentials: [PROTECTED]; Authenticated: true; Details: null; Not granted any authorities – Peter Sep 08 '14 at 10:38
  • What I was asking about are complete logs with debug level enabled, this is just a very small part of the information which could help to troubleshoot your problem. One thing you could try is replacing class SavedRequestAwareAuthenticationSuccessHandler with SimpleUrlAuthenticationSuccessHandler – Vladimír Schäfer Sep 10 '14 at 17:43
0

If you're looking for the general way to maintain state through the login process, SAML2 is expected to preserve the RelayState variable (pass it alongside the SAMLRequest). Put whatever you'd like in it. I like base64'd json.

Rob Starling
  • 3,868
  • 3
  • 23
  • 40