Questions tagged [spring-security-saml2]

104 questions
1 vote, 0 answers

Migration from opensaml2 to opensaml4

We are using opensaml-2.6.6 version, esapi-2.3.0.0 version and spring-security-saml2-core - 1.0.9 currently in our project. We are planning to upgrade to opensaml-core-4.0.1 version. We have searched for the support for migration and we were not…
1 vote, 0 answers

Spring Boot 3.0 - SAML Login redirect not working

I'm currently upgrading from Spring Boot 2.7.7 to Spring Boot 3.0.1. Unfortunately, the SAML-Redirect that works under Spring Boot 2.x does not work anymore. I had to replace some deprecated code with what is recommended by Spring according to this…
marco
1 vote, 0 answers

SAML Global Logout

I have set up two SPs (service provider) with ADFS server. Currently I can log out well in each SP. However I would like to implement that once the IdP receives logout request, it will invalidate the login session from all the SPs. Could it be…
1 vote, 0 answers

Spring Security SAML2, sending language code in -element

I'm currently migrating from Spring Security SAML Extension to Spring Security SAML2 and use case requires language code to be sent in Extensions -element. With Spring Security SAML Extension this was done by: Extending SAMLEntryPoint and storing…
KTJ
1 vote, 0 answers

Saml2 spring-security single logout

It looks like the existing spring-security Saml2 configuration does not have the single logout functionality according to https://docs.spring.io/spring-security/site/docs/5.2.1.RELEASE/reference/htmlsingle/#saml2. I already have the logout url for…
1 vote, 0 answers

Spring Security SAML2 issue signing SAMLRequest

I'm using spring boot 2.4.1 and spring security SAML2 support. I successfully configured my Service Provider. I created a self-signed certificate and I'm trying to use an IDP that requires signed AuthnRequests. This is my…
Angelo Immediata
1 vote, 1 answer

Custom `RelyingPartyRegistrationRepository` implementation

It looks like Spring always uses InMemoryRelyingPartyRegistrationRepository to return a RelyingPartyRegistrationRepository typed bean, refer to…
Gelin Luo
1 vote, 0 answers

Enabling sessionManagement.sessionFixation for Spring Security original Extension

My team has a spring boot web application. We have recently added SAML support to a service our company provides to clients. We developed a solution based on the spring-security-saml 1.0.6 extension. One of our clients performed a review and…
1 vote, 0 answers

Spring Security SAML is throwing Response doesn't have any valid assertion which would pass subject validation

Trying to test Spring Security SAML response with future dates for IssueInstant is failing with Response doesn't have any valid assertion which would pass subject validation. updated WebSSOProfileConsumerImpl for…
1 vote, 2 answers

Spring Security SAML2 multiple IDPs configuration

I am trying to configure multiple idps via RelyingPartyRegistrationRepository using spring security 5.3. This is my application.yaml config: spring: security: saml2: relyingparty: registration: idpokta: …
1 vote, 1 answer

JWT authentication with fallback to SAML2 for the same path

I'm using spring-security-saml2-service-provider for authentication in one of my spring boot applications and I'm using a custom JwtAuthorizationFilter (via a http Authentication header) in a different spring boot application. They both work…
1 vote, 0 answers

How to Preserve Alternate Domain Name Across Spring Security Redirect - Spring Security SAML

Background: I'm trying to get a multi-tenant application working with Spring Security SAML so that it can authenticate against multiple Identity Providers. I'm trying to use different subdomains to resolve the IdP, so the user doesn't have to select…
1 vote, 0 answers

Signature is not trusted in SAML AuthN response

I was using Spring Security SAML with Spring Boot using this template. However, after the certificates for my IDP were updated, the application stopped working and I realized that I was using Metadata interoperability profile (MetaIOP) for signature…
1 vote, 0 answers

Spring security 5.20 + SAML2

Is it possible to start a SAML2 authentication process restricting to certain URLs? So my idea is to use a URL like /saml2login that launches all the SAML authentication process. I've tried with something similar to: …
1 vote, 1 answer

IDP initiated SingleLogout with not signed LogoutRequest

I have a spring boot v.5+ application which uses spring security saml. When an idp initiated SingleLogout Request is called I get an error saying: org.springframework.security.saml.SAMLStatusException: LogoutRequest is required to be signed by the…
billy tzez