Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add OpenSAML 3 and 4 Explanation 

Closes gh-10014
This commit is contained in:
Josh Cummings 2021-06-28 13:17:02 -06:00
parent 5940b8dee7
commit 0080aeee94
No known key found for this signature in database
GPG Key ID: 49EF60DD7FF83443
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/manual/src/docs/asciidoc/_includes/servlet/saml2/saml2-login.adoc
View File

@ -154,6 +154,12 @@ Instead, classes like `OpenSaml4AuthenticationRequestFactory` and `OpenSaml4Auth
For example, once your application receives a `SAMLResponse` and delegates to `Saml2WebSsoAuthenticationFilter`, the filter will delegate to `OpenSaml4AuthenticationProvider`.
[NOTE]
For backward compatibility, Spring Security will use the latest OpenSAML 3 by default.
Note, though that OpenSAML 3 has reached it's end-of-life and updating to OpenSAML 4.x is recommended.
For that reason, Spring Security supports both OpenSAML 3.x and 4.x.
If you manage your OpenSAML dependency to 4.x, then Spring Security will select its OpenSAML 4.x implementations.
.Authenticating an OpenSAML `Response`
image:{figures}/opensamlauthenticationprovider.png[]