In the `org.springframework.security.extensions` versions of `spring-security-saml2-core`, we set the `nameid-format:transient` and `classes:PasswordProtectedTransport` in our service provider code like so:
```java
import java.util.ArrayList;
import java.util.List;
import org.springframework.security.saml.websso.WebSSOProfileOptions;

WebSSOProfileOptions webSSOProfileOptions = new WebSSOProfileOptions();
webSSOProfileOptions.setIncludeScoping ( false );
webSSOProfileOptions.setNameID ( "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" );
List<String> ac = new ArrayList<String>();
ac.add ( "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" );
webSSOProfileOptions.setAuthnContexts ( ac );
```
However, in the newer non-extension `org.springframework.security` implementations of `spring-security-saml2-service-provider`, there is no longer a `WebSSOProfileOptions` object.
How do we set `nameid-format:transient` and `classes:PasswordProtectedTransport` in the newer versions of Spring SAML? For now, we would like to maintain Java 8 compatibility, so we're interested in Spring Security versions 5.6.x and 5.7.x.
I tried Googling, looking at XML metadata samples, browsing Spring classes, reading some Spring documentation, and a little reading of the newer Spring source code to try to understand where the settings should be specified.
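The three settings in the question all surface as elements of the outgoing `AuthnRequest`, so a migration can be verified on the wire regardless of which configuration API produces the request. The following is an added example, not part of the original question or of Spring's code: a Python check over a decoded `SAMLRequest` value, where the function names and the sample request are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET

SAMLP = "{urn:oasis:names:tc:SAML:2.0:protocol}"
SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"
NAMEID = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
AC_CLASS = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"

def decode_saml_request(value, redirect=True):
    """URL-decoded SAMLRequest -> XML bytes (HTTP-Redirect adds raw DEFLATE)."""
    raw = base64.b64decode(value)
    return zlib.decompress(raw, -15) if redirect else raw

def encode_redirect(xml_bytes):
    """Inverse of decode_saml_request, used here only to build the sample."""
    c = zlib.compressobj(wbits=-15)
    return base64.b64encode(c.compress(xml_bytes) + c.flush()).decode()

def check_authn_request(xml_bytes):
    """Return mismatches against the settings from the question (empty = OK)."""
    if b"<!DOCTYPE" in xml_bytes:  # never expand entities from captured input
        return ["DOCTYPE present, refusing to parse"]
    root = ET.fromstring(xml_bytes)
    if root.tag != SAMLP + "AuthnRequest":
        return ["root element is not samlp:AuthnRequest"]
    problems = []
    policy = root.find(SAMLP + "NameIDPolicy")
    fmt = policy.get("Format") if policy is not None else None
    if fmt != NAMEID:
        problems.append("NameIDPolicy Format is %r" % fmt)
    refs = [(e.text or "").strip() for e in root.findall(
        SAMLP + "RequestedAuthnContext/" + SAML + "AuthnContextClassRef")]
    if AC_CLASS not in refs:
        problems.append("AuthnContextClassRef values are %r" % refs)
    if root.find(SAMLP + "Scoping") is not None:  # setIncludeScoping(false)
        problems.append("Scoping element present")
    return problems

# Constructed sample request (not captured from any real deployment).
SAMPLE = ('<samlp:AuthnRequest xmlns:samlp="%s" xmlns:saml="%s" '
          'ID="_constructed" Version="2.0">'
          '<samlp:NameIDPolicy Format="%s"/>'
          '<samlp:RequestedAuthnContext><saml:AuthnContextClassRef>%s'
          '</saml:AuthnContextClassRef></samlp:RequestedAuthnContext>'
          '</samlp:AuthnRequest>' % (SAMLP[1:-1], SAML[1:-1], NAMEID, AC_CLASS)).encode()

if __name__ == "__main__":
    print(check_authn_request(decode_saml_request(encode_redirect(SAMPLE))) or "OK")
```

For a request sent with the HTTP-POST binding, pass `redirect=False`, since that binding base64-encodes the XML without compressing it.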