Stack Overflow
Stack Overflow

Questions tagged [spring-saml]

Spring Security SAML Extension enables seamless inclusion of SAML 2.0 Service Provider capabilities in Spring applications.

Spring Security SAML Extension enables integration of Spring applications with all SAML 2.0 Identity Provider products such as ADFS 2.0, Shibboleth, OpenAM/OpenSSO, Ping Federate and Okta.

Official Website: http://projects.spring.io/spring-security-saml/

Useful links:

753 questions
7
votes
2 answers

Spring Security SAML with Spring session

I am using OpenAM as my IDP and my SP (an angular2 SPA) is based on the example shared at: https://github.com/vdenotaris/spring-boot-security-saml-sample After authentication, my webapp is supposed to invoke few REST services which are secured via…
Vin
  • 71
  • 1
  • 5
7
votes
2 answers

Query string not preserved in SAML HTTP Redirect binding

We use the Spring SAML Security Extension to implement SAML in our application. We now have the following problem: One of our customers is providing a URL for their identity provider that contains a parameter. The metadata looks like this (heavily…
musiKk
  • 14,751
  • 4
  • 55
  • 82
7
votes
1 answer

Using Spring SAML as an IDP rather than an SP

Are you able to use Spring SAML if you are implementing as an IDP? I have used it in the past when acting as a Service Provider, and having read the documentation its not clear on whether I can use it as an IDP. Note - I originally asked for…
Chris P
  • 83
  • 1
  • 6
7
votes
1 answer

Spring Security and nested FilterChainProxy writing SAML Service Provider

I am trying to figure out a problem involving Spring Security and SAML. We are trying to use Spring Security (spring-security-core-3.1.1.RELEASE.jar) and SAML (spring-security-saml2-core-1.0.0-RC1-SNAPSHOT.jar) to modify our product to be a SAML SP.…
fool4jesus
  • 2,147
  • 3
  • 23
  • 34
6
votes
3 answers

SameSite attribute break SAML flow

Chrome 80 will introduce a new attribute which is SameSite. Strict - Only attach cookies for ‘same-site’ requests. Lax - Send cookies for ‘same-site’ requests, along with ‘cross-site’ top level navigations using safe HTTP methods e.g. (GET HEAD…
truongnm
  • 2,311
  • 2
  • 31
  • 48
6
votes
3 answers

Error validating SAML message

i'm trying Okta quick start for Java tomcat SAML, I am very new to this topic. When I start my test application I do see a link to Okta IDP, after clicking "Start single sign-on" button i am being redirected to Okta address with info "Sining in to…
ZaCk1231
  • 61
  • 1
  • 1
  • 3
6
votes
1 answer

Custom SAMLUserDetailsService not populating custom UserDetails

I have a Spring project and I'm converting my current authentication to use SAML2. I have everything working as far as authentication, but I'm having difficulty in getting the SAML2 extension to insert my custom UserDetails object into the Spring…
alessandro ferrucci
  • 1,261
  • 2
  • 24
  • 48
6
votes
1 answer

Getting error while decryptition of Saml token

I am getting error while decryption of saml token. However this issue is not consistent it works after restarting server. It was working properly till last night :( DEBUG Decrypter:631 - Attempt to decrypt EncryptedKey using credential from KEK…
ManojP
  • 6,113
  • 2
  • 37
  • 49
6
votes
1 answer

Spring Security SAML assertion expiry with Application Session Expiry

I'm getting confused with the SAML assertion expiry vs Application session expiry. In simple words, when we have an application deployed in a container, there is a session created. This session expiry can be controlled with the below entry in…
rakpan
  • 2,773
  • 4
  • 26
  • 36
6
votes
4 answers

No IDP was configured, please update included metadata with at least one IDP

I'm trying to execute Spring Security SAML Sample application following all steps referenced here : http://docs.spring.io/autorepo/docs/spring-security-saml/1.0.x-SNAPSHOT/reference/htmlsingle/#quick-start-steps. However, when I try to test single…
Victor
  • 63
  • 1
  • 1
  • 4
6
votes
1 answer

Spring SAML integration with WSO2 Identity server, SAML Message ID not reconised

I have taken the Spring SAML example (see section 4.2 in this guide) which works with the Open source login page SSO, and tried to add support to use WSO2 Identity Server as an additional IDP service. To do this I changed the spring SAML sample…
user1232555
  • 1,099
  • 3
  • 11
  • 18
6
votes
3 answers

java.io.IOException: Invalid keystore format Spring Security SAML Extension

I have successfully gotten the Spring Security SAML Extension sample application to run. Now, I'm trying to integrate it into my main application. Before I tried to integrate with my application, I created a sample application to integrate it with…
NuAlphaMan
  • 713
  • 4
  • 12
  • 25
6
votes
2 answers

Handling SAML Redirects on AJAX Requests

I have several AngularJS apps all using Spring/Java and SAML 2.0 for SSO (leveraging the Spring Security SAML extension). My SSO id provider is OpenAM and everything is working pretty well. However, I am running into a situation when a user does a…
Dan Hayes
  • 83
  • 1
  • 5
5
votes
1 answer

Multiple pre-auth filters in Spring Security?

I have a need to have multiple PRE_AUTH Spring Security filters. In particular I need to use a PRE_AUTH filter in addition to the two filters configured as PRE_AUTH in the SAML extension to Spring Security 3.0. The existing SAML configuration…
C. Ross
  • 31,137
  • 42
  • 147
  • 238
5
votes
3 answers

how to create own IDP for SAML in java or node

I want to create a SSO to be used by multiple applications, what would be the best way to do it. I was going through SAML2.0 but I am confused as I didn’t find any articles to create own/custom SAML IDP. 1.How feasible it is to create own…
vamsi nirala
  • 75
  • 1
  • 1
  • 5
1 2
3
50 51