Update README for SAML 2.0 samples
This commit is contained in:
parent
cb4bd098e3
commit
551f715b7c
|
@ -12,18 +12,18 @@ The https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html[S
|
||||||
|
|
||||||
=== SAML 2.0 Login
|
=== SAML 2.0 Login
|
||||||
|
|
||||||
`saml2Login()` provides a very simple implementation of a Service Provider that can receive a SAML 2.0 Response via the HTTP-POST and HTTP-REDIRECT bindings against the SimpleSAMLphp SAML 2.0 reference implementation.
|
`saml2Login()` provides a very simple implementation of a Service Provider that can receive a SAML 2.0 Response via the HTTP-POST and HTTP-REDIRECT bindings against the https://developer.okta.com/docs/guides/build-sso-integration/saml2/main/[Okta SAML 2.0 IDP] reference implementation.
|
||||||
|
|
||||||
The following features are implemented in the MVP:
|
The following features are implemented in the MVP:
|
||||||
|
|
||||||
1. Receive and validate a SAML 2.0 Response containing an assertion, and create a corresponding authentication in Spring Security
|
1. Receive and validate a SAML 2.0 Response containing an assertion, and create a corresponding authentication in Spring Security
|
||||||
2. Send a SAML 2.0 AuthNRequest to an Identity Provider
|
2. Send a SAML 2.0 AuthNRequest to an Identity Provider
|
||||||
3. Provide a framework for components used in SAML 2.0 authentication that can be swapped by configuration
|
3. Provide a framework for components used in SAML 2.0 authentication that can be swapped by configuration
|
||||||
4. Work against the SimpleSAMLphp reference implementation
|
4. Work against the Okta SAML 2.0 IDP reference implementation
|
||||||
|
|
||||||
=== SAML 2.0 Single Logout
|
=== SAML 2.0 Single Logout
|
||||||
|
|
||||||
`saml2Logout()` supports RP- and AP-initiated SAML 2.0 Single Logout via the HTTP-POST and HTTP-REDIRECT bindings against the SimpleSAMLphp SAML 2.0 reference implementation.
|
`saml2Logout()` supports RP- and AP-initiated SAML 2.0 Single Logout via the HTTP-POST and HTTP-REDIRECT bindings against the https://developer.okta.com/docs/guides/build-sso-integration/saml2/main/[Okta SAML 2.0 IDP] reference implementation.
|
||||||
|
|
||||||
On this sample, the SAML 2.0 Logout is using the HTTP-POST binding.
|
On this sample, the SAML 2.0 Logout is using the HTTP-POST binding.
|
||||||
|
|
||||||
|
@ -31,20 +31,21 @@ You can refer to the https://docs.spring.io/spring-security/reference/servlet/sa
|
||||||
|
|
||||||
== Run the Sample
|
== Run the Sample
|
||||||
|
|
||||||
=== Start up the application
|
=== Start up the Sample Boot Application
|
||||||
|
```
|
||||||
You should run the application war in a servlet container like Tomcat
|
./gradlew :spring-security-samples-boot-saml2login:bootRun
|
||||||
|
```
|
||||||
|
|
||||||
=== Open a Browser
|
=== Open a Browser
|
||||||
|
|
||||||
http://localhost:8080/
|
http://localhost:8080/
|
||||||
|
|
||||||
You will be redirect to the SimpleSAMLphp IDP
|
You will be redirect to the Okta SAML 2.0 IDP
|
||||||
|
|
||||||
=== Type in your credentials
|
=== Type in your credentials
|
||||||
|
|
||||||
```
|
```
|
||||||
User: user
|
User: testuser@spring.security.saml
|
||||||
Password: password
|
Password: 12345678
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -12,18 +12,18 @@ The https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html[S
|
||||||
|
|
||||||
=== SAML 2.0 Login
|
=== SAML 2.0 Login
|
||||||
|
|
||||||
`saml2Login()` provides a very simple implementation of a Service Provider that can receive a SAML 2.0 Response via the HTTP-POST and HTTP-REDIRECT bindings against the SimpleSAMLphp SAML 2.0 reference implementation.
|
`saml2Login()` provides a very simple implementation of a Service Provider that can receive a SAML 2.0 Response via the HTTP-POST and HTTP-REDIRECT bindings against the https://developer.okta.com/docs/guides/build-sso-integration/saml2/main/[Okta SAML 2.0 IDP] reference implementation.
|
||||||
|
|
||||||
The following features are implemented in the MVP:
|
The following features are implemented in the MVP:
|
||||||
|
|
||||||
1. Receive and validate a SAML 2.0 Response containing an assertion, and create a corresponding authentication in Spring Security
|
1. Receive and validate a SAML 2.0 Response containing an assertion, and create a corresponding authentication in Spring Security
|
||||||
2. Send a SAML 2.0 AuthNRequest to an Identity Provider
|
2. Send a SAML 2.0 AuthNRequest to an Identity Provider
|
||||||
3. Provide a framework for components used in SAML 2.0 authentication that can be swapped by configuration
|
3. Provide a framework for components used in SAML 2.0 authentication that can be swapped by configuration
|
||||||
4. Work against the SimpleSAMLphp reference implementation
|
4. Work against the Okta SAML 2.0 IDP reference implementation
|
||||||
|
|
||||||
=== SAML 2.0 Single Logout
|
=== SAML 2.0 Single Logout
|
||||||
|
|
||||||
`saml2Logout()` supports RP- and AP-initiated SAML 2.0 Single Logout via the HTTP-POST and HTTP-REDIRECT bindings against the SimpleSAMLphp SAML 2.0 reference implementation.
|
`saml2Logout()` supports RP- and AP-initiated SAML 2.0 Single Logout via the HTTP-POST and HTTP-REDIRECT bindings against the https://developer.okta.com/docs/guides/build-sso-integration/saml2/main/[Okta SAML 2.0 IDP] reference implementation.
|
||||||
|
|
||||||
On this sample, the SAML 2.0 Logout is using the HTTP-POST binding.
|
On this sample, the SAML 2.0 Logout is using the HTTP-POST binding.
|
||||||
|
|
||||||
|
@ -40,12 +40,12 @@ You can refer to the https://docs.spring.io/spring-security/reference/servlet/sa
|
||||||
|
|
||||||
http://localhost:8080/
|
http://localhost:8080/
|
||||||
|
|
||||||
You will be redirect to the SimpleSAMLphp IDP
|
You will be redirect to the Okta SAML 2.0 IDP
|
||||||
|
|
||||||
=== Type in your credentials
|
=== Type in your credentials
|
||||||
|
|
||||||
```
|
```
|
||||||
User: user
|
User: testuser@spring.security.saml
|
||||||
Password: password
|
Password: 12345678
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -12,18 +12,18 @@ The https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html[S
|
||||||
|
|
||||||
=== SAML 2.0 Login
|
=== SAML 2.0 Login
|
||||||
|
|
||||||
`saml2Login()` provides a very simple implementation of a Service Provider that can receive a SAML 2.0 Response via the HTTP-POST and HTTP-REDIRECT bindings against the SimpleSAMLphp SAML 2.0 reference implementation.
|
`saml2Login()` provides a very simple implementation of a Service Provider that can receive a SAML 2.0 Response via the HTTP-POST and HTTP-REDIRECT bindings against the https://developer.okta.com/docs/guides/build-sso-integration/saml2/main/[Okta SAML 2.0 IDP] reference implementation.
|
||||||
|
|
||||||
The following features are implemented in the MVP:
|
The following features are implemented in the MVP:
|
||||||
|
|
||||||
1. Receive and validate a SAML 2.0 Response containing an assertion, and create a corresponding authentication in Spring Security
|
1. Receive and validate a SAML 2.0 Response containing an assertion, and create a corresponding authentication in Spring Security
|
||||||
2. Send a SAML 2.0 AuthNRequest to an Identity Provider
|
2. Send a SAML 2.0 AuthNRequest to an Identity Provider
|
||||||
3. Provide a framework for components used in SAML 2.0 authentication that can be swapped by configuration
|
3. Provide a framework for components used in SAML 2.0 authentication that can be swapped by configuration
|
||||||
4. Work against the SimpleSAMLphp reference implementation
|
4. Work against the Okta SAML 2.0 IDP reference implementation
|
||||||
|
|
||||||
=== SAML 2.0 Single Logout
|
=== SAML 2.0 Single Logout
|
||||||
|
|
||||||
`saml2Logout()` supports RP- and AP-initiated SAML 2.0 Single Logout via the HTTP-POST and HTTP-REDIRECT bindings against the SimpleSAMLphp SAML 2.0 reference implementation.
|
`saml2Logout()` supports RP- and AP-initiated SAML 2.0 Single Logout via the HTTP-POST and HTTP-REDIRECT bindings against the https://developer.okta.com/docs/guides/build-sso-integration/saml2/main/[Okta SAML 2.0 IDP] reference implementation.
|
||||||
|
|
||||||
On this sample, the SAML 2.0 Logout is using the HTTP-POST binding.
|
On this sample, the SAML 2.0 Logout is using the HTTP-POST binding.
|
||||||
|
|
||||||
|
@ -40,12 +40,12 @@ You can refer to the https://docs.spring.io/spring-security/reference/servlet/sa
|
||||||
|
|
||||||
http://localhost:8080/
|
http://localhost:8080/
|
||||||
|
|
||||||
You will be redirect to the SimpleSAMLphp IDP
|
You will be redirect to the Okta SAML 2.0 IDP
|
||||||
|
|
||||||
=== Type in your credentials
|
=== Type in your credentials
|
||||||
|
|
||||||
```
|
```
|
||||||
User: user
|
User: testuser@spring.security.saml
|
||||||
Password: password
|
Password: 12345678
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
= SAML 2.0 Login & Logout Sample
|
= SAML 2.0 Refreshable Metadata
|
||||||
|
|
||||||
This guide provides instructions on setting up this SAML 2.0 Login & Logout sample application.
|
This guide provides instructions on setting up this SAML 2.0 Login & Logout sample application.
|
||||||
It uses https://simplesamlphp.org/[SimpleSAMLphp] as its asserting party.
|
It uses https://simplesamlphp.org/[SimpleSAMLphp] as its asserting party.
|
||||||
|
@ -12,18 +12,18 @@ The https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html[S
|
||||||
|
|
||||||
=== SAML 2.0 Login
|
=== SAML 2.0 Login
|
||||||
|
|
||||||
`saml2Login()` provides a very simple implementation of a Service Provider that can receive a SAML 2.0 Response via the HTTP-POST and HTTP-REDIRECT bindings against the SimpleSAMLphp SAML 2.0 reference implementation.
|
`saml2Login()` provides a very simple implementation of a Service Provider that can receive a SAML 2.0 Response via the HTTP-POST and HTTP-REDIRECT bindings against the https://developer.okta.com/docs/guides/build-sso-integration/saml2/main/[Okta SAML 2.0 IDP] reference implementation.
|
||||||
|
|
||||||
The following features are implemented in the MVP:
|
The following features are implemented in the MVP:
|
||||||
|
|
||||||
1. Receive and validate a SAML 2.0 Response containing an assertion, and create a corresponding authentication in Spring Security
|
1. Receive and validate a SAML 2.0 Response containing an assertion, and create a corresponding authentication in Spring Security
|
||||||
2. Send a SAML 2.0 AuthNRequest to an Identity Provider
|
2. Send a SAML 2.0 AuthNRequest to an Identity Provider
|
||||||
3. Provide a framework for components used in SAML 2.0 authentication that can be swapped by configuration
|
3. Provide a framework for components used in SAML 2.0 authentication that can be swapped by configuration
|
||||||
4. Work against the SimpleSAMLphp reference implementation
|
4. Work against the Okta SAML 2.0 IDP reference implementation
|
||||||
|
|
||||||
=== SAML 2.0 Single Logout
|
=== SAML 2.0 Single Logout
|
||||||
|
|
||||||
`saml2Logout()` supports RP- and AP-initiated SAML 2.0 Single Logout via the HTTP-POST and HTTP-REDIRECT bindings against the SimpleSAMLphp SAML 2.0 reference implementation.
|
`saml2Logout()` supports RP- and AP-initiated SAML 2.0 Single Logout via the HTTP-POST and HTTP-REDIRECT bindings against the https://developer.okta.com/docs/guides/build-sso-integration/saml2/main/[Okta SAML 2.0 IDP] reference implementation.
|
||||||
|
|
||||||
On this sample, the SAML 2.0 Logout is using the HTTP-POST binding.
|
On this sample, the SAML 2.0 Logout is using the HTTP-POST binding.
|
||||||
|
|
||||||
|
@ -38,19 +38,21 @@ This particular implementation uses a `@Scheduled` annotation to update its meta
|
||||||
|
|
||||||
=== Start up the Sample Boot Application
|
=== Start up the Sample Boot Application
|
||||||
```
|
```
|
||||||
./gradlew :servlet:spring-boot:java:saml2:refreshable-metadata:bootRun
|
./gradlew :spring-security-samples-boot-saml2login:bootRun
|
||||||
```
|
```
|
||||||
|
|
||||||
=== Open a Browser
|
=== Open a Browser
|
||||||
|
|
||||||
http://localhost:8080/
|
http://localhost:8080/
|
||||||
|
|
||||||
You will be redirect to the SimpleSAMLphp IDP
|
You will be redirect to the Okta SAML 2.0 IDP
|
||||||
|
|
||||||
=== Type in your credentials
|
=== Type in your credentials
|
||||||
|
|
||||||
```
|
```
|
||||||
User: user
|
User: testuser@spring.security.saml
|
||||||
Password: password
|
Password: 12345678
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue