From a4111a606b846d52c687d50a285297e11541f557 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 6 May 2025 03:13:37 +0000 Subject: [PATCH 1/3] Bump io.spring.gradle:spring-security-release-plugin from 1.0.5 to 1.0.6 Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.5 to 1.0.6. - [Release notes](https://github.com/spring-io/spring-security-release-tools/releases) - [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.5...v1.0.6) --- updated-dependencies: - dependency-name: io.spring.gradle:spring-security-release-plugin dependency-version: 1.0.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index b80f8aecc3..954255d36d 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -34,7 +34,7 @@ io-spring-javaformat-spring-javaformat-checkstyle = { module = "io.spring.javafo io-spring-javaformat-spring-javaformat-gradle-plugin = { module = "io.spring.javaformat:spring-javaformat-gradle-plugin", version.ref = "io-spring-javaformat" } io-spring-nohttp-nohttp-checkstyle = { module = "io.spring.nohttp:nohttp-checkstyle", version.ref = "io-spring-nohttp" } io-spring-nohttp-nohttp-gradle = { module = "io.spring.nohttp:nohttp-gradle", version.ref = "io-spring-nohttp" } -io-spring-security-release-plugin = "io.spring.gradle:spring-security-release-plugin:1.0.5" +io-spring-security-release-plugin = "io.spring.gradle:spring-security-release-plugin:1.0.6" jakarta-annotation-jakarta-annotation-api = "jakarta.annotation:jakarta.annotation-api:2.1.1" jakarta-inject-jakarta-inject-api = "jakarta.inject:jakarta.inject-api:2.0.1" jakarta-persistence-jakarta-persistence-api = "jakarta.persistence:jakarta.persistence-api:3.1.0" From ec462e8bc5b7ca9e64b60182eb270182de801b23 Mon Sep 17 00:00:00 2001 From: Danilo Piazzalunga Date: Thu, 8 May 2025 20:37:47 +0000 Subject: [PATCH 2/3] Update assertingparty property usage in YAML snippets Spring Boot 2.7 renamed spring.security.saml2.relyingparty.registration.*.identityprovider.* to spring.security.saml2.relyingparty.registration.*.assertingparty.*. Closes gh-12810. Signed-off-by: Danilo Piazzalunga --- .../pages/servlet/saml2/login/authentication-requests.adoc | 2 +- docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc b/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc index 4e0ec21d32..1195cb2933 100644 --- a/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc +++ b/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc @@ -67,7 +67,7 @@ spring: saml2: relyingparty: okta: - identityprovider: + assertingparty: entity-id: ... singlesignon.sign-request: false ---- diff --git a/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc b/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc index 396edb8bd2..53b0fc3fcb 100644 --- a/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc +++ b/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc @@ -125,7 +125,7 @@ spring: relyingparty: registration: adfs: - identityprovider: + assertingparty: entity-id: https://idp.example.com/issuer verification.credentials: - certificate-location: "classpath:idp.crt" @@ -839,11 +839,11 @@ spring: signing.credentials: &relying-party-credentials - private-key-location: classpath:rp.key certificate-location: classpath:rp.crt - identityprovider: + assertingparty: entity-id: ... azure: signing.credentials: *relying-party-credentials - identityprovider: + assertingparty: entity-id: ... ---- From 27319e3f9b304194ef601f4e0f95987a0a33daea Mon Sep 17 00:00:00 2001 From: Danilo Piazzalunga Date: Thu, 8 May 2025 20:46:25 +0000 Subject: [PATCH 3/3] Add missing registration property in YAML listing Signed-off-by: Danilo Piazzalunga --- .../saml2/login/authentication-requests.adoc | 9 ++++---- .../pages/servlet/saml2/login/overview.adoc | 21 ++++++++++--------- 2 files changed, 16 insertions(+), 14 deletions(-) diff --git a/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc b/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc index 1195cb2933..2f794becf3 100644 --- a/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc +++ b/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc @@ -66,10 +66,11 @@ spring: security: saml2: relyingparty: - okta: - assertingparty: - entity-id: ... - singlesignon.sign-request: false + registration: + okta: + assertingparty: + entity-id: ... + singlesignon.sign-request: false ---- Java:: diff --git a/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc b/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc index 53b0fc3fcb..e394fb2a08 100644 --- a/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc +++ b/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc @@ -835,16 +835,17 @@ spring: security: saml2: relyingparty: - okta: - signing.credentials: &relying-party-credentials - - private-key-location: classpath:rp.key - certificate-location: classpath:rp.crt - assertingparty: - entity-id: ... - azure: - signing.credentials: *relying-party-credentials - assertingparty: - entity-id: ... + registration: + okta: + signing.credentials: &relying-party-credentials + - private-key-location: classpath:rp.key + certificate-location: classpath:rp.crt + assertingparty: + entity-id: ... + azure: + signing.credentials: *relying-party-credentials + assertingparty: + entity-id: ... ---- Second, in a database, you need not replicate the model of `RelyingPartyRegistration`.