Fix SAML 2.0 Javaconfig Sample

Issue gh-9362
2025-07-06 02:32:14 +00:00 · 2021-01-22 11:18:12 -07:00 · 2021-01-22 11:18:12 -07:00 · 7aeda7c8d8
commit 7aeda7c8d8
parent 02e13dc93e
4 changed files with 25 additions and 11 deletions
--- a/samples/javaconfig/saml2login/spring-security-samples-javaconfig-saml2-login.gradle
+++ b/samples/javaconfig/saml2login/spring-security-samples-javaconfig-saml2-login.gradle
@ -5,6 +5,7 @@ dependencies {
 	compile project(':spring-security-config')
 	compile "org.bouncycastle:bcprov-jdk15on"
 	compile "org.bouncycastle:bcpkix-jdk15on"
+	compile slf4jDependencies

 	testCompile project(':spring-security-test')
 }
--- a/samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/MessageSecurityWebApplicationInitializer.java
+++ b/samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/MessageSecurityWebApplicationInitializer.java
@ -27,6 +27,10 @@ import org.springframework.security.web.session.HttpSessionEventPublisher;
 public class MessageSecurityWebApplicationInitializer extends
 		AbstractSecurityWebApplicationInitializer {

+	public MessageSecurityWebApplicationInitializer() {
+		super(SecurityConfig.class);
+	}
+
 	@Override
 	protected boolean enableHttpSessionEventPublisher() {
 		return true;
--- a/samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/SecurityConfig.java
+++ b/samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/SecurityConfig.java
@ -15,6 +15,8 @@
 */
 package org.springframework.security.samples.config;

+
+import org.springframework.context.annotation.Bean;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@ -23,6 +25,7 @@ import org.springframework.security.converter.RsaKeyConverters;
 import org.springframework.security.saml2.credentials.Saml2X509Credential;
 import org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository;
 import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
+import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
 import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter;

 import java.io.ByteArrayInputStream;
@ -39,7 +42,8 @@ import static org.springframework.security.saml2.credentials.Saml2X509Credential
@EnableGlobalMethodSecurity(prePostEnabled = true)
 public class SecurityConfig extends WebSecurityConfigurerAdapter {

-	RelyingPartyRegistration getSaml2AuthenticationConfiguration() throws Exception {
+	@Bean
+	RelyingPartyRegistrationRepository getSaml2AuthenticationConfiguration() throws Exception {
 		//remote IDP entity ID
 		String idpEntityId = "https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php";
 		//remote WebSSO Endpoint - Where to Send AuthNRequests to
@ -53,14 +57,14 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 		//IDP certificate for verification of incoming messages
 		Saml2X509Credential idpVerificationCertificate = getVerificationCertificate();
 		String acsUrlTemplate = "{baseUrl}" + Saml2WebSsoAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI;
-		return RelyingPartyRegistration.withRegistrationId(registrationId)
+		return new InMemoryRelyingPartyRegistrationRepository(RelyingPartyRegistration.withRegistrationId(registrationId)
 				.providerDetails(config -> config.entityId(idpEntityId))
 				.providerDetails(config -> config.webSsoUrl(webSsoEndpoint))
 				.credentials(c -> c.add(signingCredential))
 				.credentials(c -> c.add(idpVerificationCertificate))
 				.localEntityIdTemplate(localEntityIdTemplate)
 				.assertionConsumerServiceUrlTemplate(acsUrlTemplate)
-				.build();
+				.build());
 	}

 	@Override
@ -70,14 +74,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 			.authorizeRequests()
 				.anyRequest().authenticated()
 				.and()
-			.saml2Login()
-				.relyingPartyRegistrationRepository(
-						new InMemoryRelyingPartyRegistrationRepository(
-							getSaml2AuthenticationConfiguration()
-					)
-				)
-				.loginProcessingUrl("/sample/jc/saml2/sso/{registrationId}")
-		;
+			.saml2Login();
 		// @formatter:on
 	}

--- a/samples/javaconfig/saml2login/src/main/resources/logback.xml
+++ b/samples/javaconfig/saml2login/src/main/resources/logback.xml
@ -0,0 +1,12 @@
+<configuration>
+	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+	<encoder>
+		<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
+	</encoder>
+	</appender>
+
+	<root level="WARN">
+		<appender-ref ref="STDOUT" />
+	</root>
+
+</configuration>