use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository in project midpoint by Evolveum.
the class SamlModuleWebSecurityConfiguration method buildInternal.
/**
 * Builds the SAML module configuration for a single authentication module definition.
 * <p>
 * One {@link RelyingPartyRegistration} is created per configured service provider, starting
 * from that provider's identity-provider metadata. All registrations end up in an
 * {@link InMemoryRelyingPartyRegistrationRepository}, and the matching
 * {@link SamlAdditionalConfiguration} is stored under the registration id.
 * <p>
 * NOTE(review): the registrations assembled here determine which identity providers the module
 * will accept. Metadata loading and key handling happen in {@code getRelyingPartyFromMetadata}
 * and {@code createRelyingPartyRegistration}, which are not visible here; review them together
 * with this method.
 *
 * @param modelType module definition that supplies the service providers
 * @param prefixOfSequence handed to {@code build(...)} along with the module definition
 * @param publicHttpUrlPattern forwarded unchanged to {@code createRelyingPartyRegistration}
 * @param request forwarded unchanged to {@code createRelyingPartyRegistration}
 * @return the populated configuration, including its relying-party repository
 */
private static SamlModuleWebSecurityConfiguration buildInternal(Saml2AuthenticationModuleType modelType, String prefixOfSequence, String publicHttpUrlPattern, ServletRequest request) {
    SamlModuleWebSecurityConfiguration result = new SamlModuleWebSecurityConfiguration();
    build(result, modelType, prefixOfSequence);

    List<Saml2ServiceProviderAuthenticationModuleType> providers = modelType.getServiceProvider();
    List<RelyingPartyRegistration> relyingParties = new ArrayList<>();
    for (Saml2ServiceProviderAuthenticationModuleType serviceProvider : providers) {
        Saml2KeyAuthenticationModuleType keys = serviceProvider.getKeys();
        Saml2ProviderAuthenticationModuleType identityProvider = serviceProvider.getIdentityProvider();

        // The builder is seeded from the identity provider's metadata, then completed below.
        RelyingPartyRegistration.Builder relyingPartyBuilder =
                getRelyingPartyFromMetadata(identityProvider.getMetadata(), identityProvider);
        SamlAdditionalConfiguration.Builder extraConfigBuilder = SamlAdditionalConfiguration.builder();
        createRelyingPartyRegistration(relyingPartyBuilder, extraConfigBuilder, identityProvider,
                publicHttpUrlPattern, result, keys, serviceProvider, request);

        RelyingPartyRegistration relyingParty = relyingPartyBuilder.build();
        relyingParties.add(relyingParty);

        // Keyed by registration id. NOTE(review): additionalConfiguration is only seen through
        // put(...) here; if it is a Map, a repeated registration id replaces the earlier entry —
        // confirm ids are unique across service providers.
        result.additionalConfiguration.put(relyingParty.getRegistrationId(), extraConfigBuilder.build());
    }

    result.setRelyingPartyRegistrationRepository(new InMemoryRelyingPartyRegistrationRepository(relyingParties));
    return result;
}
use of org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository in project spring-security by spring-projects.
the class Saml2LoginConfigurer method init.
/**
 * {@inheritDoc}
 * <p>
 * Prepares this filter chain for SAML 2 Login by performing these steps:
 * <ul>
 * <li>CSRF is disabled for the WebSSO endpoint, typically {@code /login/saml2/sso}</li>
 * <li>A {@link Saml2WebSsoAuthenticationFilter} is configured</li>
 * <li>The {@code loginProcessingUrl} is set</li>
 * <li>A custom login page is configured, <b>or</b></li>
 * <li>A default login page listing all SAML 2.0 Identity Providers is configured</li>
 * <li>An {@link AuthenticationProvider} is configured</li>
 * </ul>
 * <p>
 * When no custom login page is set and exactly one identity provider URL is known, the
 * authentication entry point goes straight to that provider's login URL.
 */
@Override
public void init(B http) throws Exception {
    // NOTE(review): the CSRF override is presumably needed because the identity provider posts
    // the SAML response cross-site and cannot carry a CSRF token; the endpoint then relies on
    // validation of the SAML response itself — confirm against registerDefaultCsrfOverride.
    registerDefaultCsrfOverride(http);
    relyingPartyRegistrationRepository(http);

    Saml2WebSsoAuthenticationFilter webSsoFilter =
            new Saml2WebSsoAuthenticationFilter(getAuthenticationConverter(http), this.loginProcessingUrl);
    this.saml2WebSsoAuthenticationFilter = webSsoFilter;
    setAuthenticationRequestRepository(http, webSsoFilter);
    setAuthenticationFilter(webSsoFilter);
    super.loginProcessingUrl(this.loginProcessingUrl);

    boolean hasCustomLoginPage = StringUtils.hasText(this.loginPage);
    if (hasCustomLoginPage) {
        // An explicitly configured login page takes precedence over any default behaviour.
        super.loginPage(this.loginPage);
        super.init(http);
    } else {
        Map<String, String> idpUrls =
                getIdentityProviderUrlMap(this.authenticationRequestUri, this.relyingPartyRegistrationRepository);
        if (idpUrls.size() != 1) {
            super.init(http);
        } else {
            // Exactly one IDP is configured: skip the selection page and use an entry point
            // that sends the user to that provider's login URL (the single key of the map).
            this.updateAuthenticationDefaults();
            this.updateAccessDefaults(http);
            String soleLoginUrl = idpUrls.keySet().iterator().next();
            LoginUrlAuthenticationEntryPoint redirectEntryPoint = new LoginUrlAuthenticationEntryPoint(soleLoginUrl);
            registerAuthenticationEntryPoint(http, redirectEntryPoint);
        }
    }

    this.initDefaultLoginFilter(http);
}