From a8a66480bede17609943f6baad37568ac0c10dd1 Mon Sep 17 00:00:00 2001 From: Josh Cummings Date: Fri, 22 Jan 2021 11:18:12 -0700 Subject: [PATCH] Fix SAML 2.0 Javaconfig Sample Issue gh-9362 --- ...ing-security-samples-javaconfig-saml2login.gradle | 1 + .../MessageSecurityWebApplicationInitializer.java | 4 ++++ .../security/samples/config/SecurityConfig.java | 5 ++--- .../saml2login/src/main/resources/logback.xml | 12 ++++++++++++ 4 files changed, 19 insertions(+), 3 deletions(-) create mode 100644 samples/javaconfig/saml2login/src/main/resources/logback.xml diff --git a/samples/javaconfig/saml2login/spring-security-samples-javaconfig-saml2login.gradle b/samples/javaconfig/saml2login/spring-security-samples-javaconfig-saml2login.gradle index c901eab861..e1d82499dc 100644 --- a/samples/javaconfig/saml2login/spring-security-samples-javaconfig-saml2login.gradle +++ b/samples/javaconfig/saml2login/spring-security-samples-javaconfig-saml2login.gradle @@ -3,6 +3,7 @@ apply plugin: 'io.spring.convention.spring-sample-war' dependencies { compile project(':spring-security-saml2-service-provider') compile project(':spring-security-config') + compile slf4jDependencies testCompile 'org.springframework:spring-test' } diff --git a/samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/MessageSecurityWebApplicationInitializer.java b/samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/MessageSecurityWebApplicationInitializer.java index c33dc58cf2..c7044c5192 100644 --- a/samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/MessageSecurityWebApplicationInitializer.java +++ b/samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/MessageSecurityWebApplicationInitializer.java @@ -28,6 +28,10 @@ import org.springframework.security.web.session.HttpSessionEventPublisher; public class MessageSecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer { + public MessageSecurityWebApplicationInitializer() { + super(SecurityConfig.class); + } + @Override protected boolean enableHttpSessionEventPublisher() { return true; diff --git a/samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/SecurityConfig.java b/samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/SecurityConfig.java index ae4a4bd071..77ee56b688 100644 --- a/samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/SecurityConfig.java +++ b/samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/SecurityConfig.java @@ -21,6 +21,7 @@ import java.security.cert.X509Certificate; import org.opensaml.security.x509.X509Support; import org.springframework.context.annotation.Bean; +import org.springframework.security.config.Customizer; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; @@ -52,9 +53,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { .authorizeRequests((authz) -> authz .anyRequest().authenticated() ) - .saml2Login((saml2) -> saml2 - .loginProcessingUrl("/sample/jc/saml2/sso/{registrationId}") - ); + .saml2Login(Customizer.withDefaults()); // @formatter:on } diff --git a/samples/javaconfig/saml2login/src/main/resources/logback.xml b/samples/javaconfig/saml2login/src/main/resources/logback.xml new file mode 100644 index 0000000000..3ebbcc0ddd --- /dev/null +++ b/samples/javaconfig/saml2login/src/main/resources/logback.xml @@ -0,0 +1,12 @@ + + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n + + + + + + + +