Stack Overflow
Stack Overflow

Questions tagged [spring-security-saml2]

104 questions
0
votes
1 answer

Spring Security SAML2 and Username Password Login in the same API

I am working on implementing a login feature to secure a REST API in Spring Boot and I am struggling to get both the Username/Password JWT authentication and SAML2 authentication to work at the same time. The configuration I give highest priority to…
Ryan Mueller
  • 1
  • 1
0
votes
1 answer

Excluding slf4j-api from spring-security-saml2-core, we are getting a runtime exception NoClassDefFound: org/slf4j/LoggerFactory

After the log4j zero-day vulnerability, we started to look if there are any more artifacts that are using either slf4J or lower versions of log4j. Checking the mvn dependency tree we have figured that spring-security-saml2-core is using slf4j, and…
kanhaiyakumar
  • 43
  • 7
0
votes
2 answers

Can we use spring-security-saml2-service-provider in Quarkus

We are new to Quarkus and are using it to build a simple Service Provider for Single sign on via SAML protocol with Okta as IdentityProvider. Unfortunately Quarkus only supports OpenId Connect (we could not find any guide for SAML protocol).…
QuocNg
  • 122
  • 1
  • 8
0
votes
0 answers

Spring Security Saml error decrypting key from SOAP Response - No installed provider supports this key: sun.security.ec.ECPrivateKeyImpl

I'm trying to implement SSO with Spring Security SAML but error occurs while decrypting key from SOAP assertion response. SOAP response:
user989260
  • 21
  • 1
  • 3
0
votes
1 answer

Routing to Angular component after Jersey & Spring SAML Security SSO Validation

I am working on an app which is using Angular as frontend and Jersey Integrated with Spring SAML Security for SSO Authentication. I tried to invoke the app from Angular (http://localhost:4200) which will call an API call to Jersey Project which will…
Vineel Pellella
  • 332
  • 2
  • 4
  • 20
0
votes
1 answer

@Bean method requires to return null conditionally

I have basic authentication enabled in my system and now I am trying to integrate the SAML auth using Spring-security-SAML. I have created a method that returns the RelyingPartRegistrationRepository bean. In a condition While the user-configured…
kushal agrawal
  • 167
  • 2
  • 5
0
votes
0 answers

Saml2Login with Grails Spring Security Core

Able to redirect to IDP login page with compile group: 'org.springframework.security', name: 'spring-security-saml2-service-provider', version: '5.4.6' in grails application. Unable to redirect to IDP login page by adding compile…
Sandhya
  • 11
  • 1
0
votes
1 answer

Spring Secuirty SAML2 Core - Add a key for an Identity Provider created on runtime

Currently I am editing existing implementation of SAML support on my project using Spring Security. I have multiple IdentityProviders, for which I store data in the database. Using my app UI I can add new IdentityProviders on runtime, which will be…
Mike
  • 367
  • 2
  • 5
  • 15
0
votes
1 answer

"No KeyInfo Generator provided" for spring-security-saml2-service-provider

I have an application that connects to a SAML idP that only supports the POST Binding. After configuring my application which uses spring-security-saml2-service-provider to manually create a POST Authentication request, I looked at the XML that got…
Yasir Merchant
  • 23
  • 5
0
votes
1 answer

IDP Metadata losing port in location URLs when using https

I'm testing an application that uses spring-security-saml and using KeyCloak as the indentity provider for testing. KeyCloak by default runs on both http, and https with a self-signed cert. When retrieving the metadata over https in a browser at…
Bryan Bende
  • 18,320
  • 1
  • 28
  • 39
0
votes
1 answer

Integrating SAML based SSO with Third party service provider

We have to integrate third party SP for SSO. Our application is a wrapper in spring(not springboot) and it has authentication/authorization module calling backend service using mongo as DB. Now the requirement is to integrate SSO SAML based SP…
Vivek Misra
  • 165
  • 2
  • 15
0
votes
1 answer

Spring Security SAML replay attack prevention

As described in Profiles for the OASIS SecurityAssertion Markup Language (SAML)V2.0 (https://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf) chapter 4.1.4.5 a service provider MUST prevent replay attacks by keeping a cache for a…
Kayci
  • 1
  • 1
  • 1
0
votes
1 answer

saml Integrating Ruby(IDP) and Java(SP)

I am implementing saml SSO. In this IDP is writen in ruby and SP is written in java. for ruby we are using saml_idp & ruby-saml gems. For java i am trying to use spring-security-saml-dsl. The saml authrequest from SP is in the following format
Shanmugam Sundaram
  • 143
  • 1
  • 2
  • 8
0
votes
1 answer

Spring Security 5.2+ Saml Metadata

Question regarding SAML in 5.2+ of Spring Security, the documentation implies that there is no end point for metadata generate for a SP, is that correct? That seems that is what the document says, but the URLs include things like…
csyperski
  • 992
  • 3
  • 15
  • 33
0
votes
1 answer

Spring SAML Security Certificate Caching Issue

I am using Spring security SAML 1.0.3 Release version. I figured out a problem that if we upload a certificate for the IDP it does not get reflected in the Spring SAML. The problem seems to be with MetadataCredentialResolver where there is a cache…
sunder
  • 968
  • 2
  • 11
  • 31
1 2 3 4 5
6
7