From 841c03fe3bdb9a50742c7265e12ddbf5234dfee1 Mon Sep 17 00:00:00 2001
From: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Date: Tue, 17 Dec 2024 09:36:29 -0700
Subject: [PATCH] Add Serializable Compatilibity to Saml 2.0 Exceptions

Issue gh-16276
---
 ...ingSecurityCoreVersionSerializableTests.java |   7 +++++++
 ...ork.security.saml2.Saml2Exception.serialized | Bin 0 -> 16297 bytes
 ...tion.Saml2AuthenticationException.serialized | Bin 0 -> 16678 bytes
 .../security/saml2/Saml2Exception.java          |   7 ++++++-
 .../Saml2AuthenticationException.java           |   7 ++++++-
 5 files changed, 19 insertions(+), 2 deletions(-)
 create mode 100644 config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.Saml2Exception.serialized
 create mode 100644 config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException.serialized

diff --git a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
index cff442fffe..ecc30bd446 100644
--- a/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
+++ b/config/src/test/java/org/springframework/security/SpringSecurityCoreVersionSerializableTests.java
@@ -116,8 +116,11 @@ import org.springframework.security.oauth2.server.resource.authentication.Bearer
 import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthenticationToken;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
 import org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal;
+import org.springframework.security.saml2.Saml2Exception;
+import org.springframework.security.saml2.core.Saml2Error;
 import org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal;
 import org.springframework.security.saml2.provider.service.authentication.Saml2Authentication;
+import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException;
 import org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest;
 import org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest;
 import org.springframework.security.saml2.provider.service.authentication.TestSaml2Authentications;
@@ -301,6 +304,10 @@ class SpringSecurityCoreVersionSerializableTests {
 				(r) -> new LdapAuthority("USER", "username", Map.of("attribute", List.of("value1", "value2"))));
 
 		// saml2-service-provider
+		generatorByClassName.put(Saml2AuthenticationException.class,
+				(r) -> new Saml2AuthenticationException(new Saml2Error("code", "descirption"), "message",
+						new IOException("fail")));
+		generatorByClassName.put(Saml2Exception.class, (r) -> new Saml2Exception("message", new IOException("fail")));
 		generatorByClassName.put(DefaultSaml2AuthenticatedPrincipal.class,
 				(r) -> TestSaml2Authentications.authentication().getPrincipal());
 		generatorByClassName.put(Saml2Authentication.class,
diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.Saml2Exception.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.Saml2Exception.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..4fd752b76ff32c61363d4a88deaec496110dd86d
GIT binary patch
literal 16297
zcmeHOU2I*&5#H<kkOT-$$Pf8}G~tp^qMSH5KZGQJiJipY{K$4ffi&p&+_im@d+)h9
zXK!Ms6>1A@Rr&*k3Myz(A1J7lKD5w+TB+(ogDUl<Jn+CntG-mIl`2*0OI0bP^X=~0
zv*+j9*G*JW;g|8byR$R1Gqbb1GwV10&gMlS+ZKdlPSgnf`q*gb*7*4#JmW;%Ylgm<
zbRxG_z0(;2?3?g-L-;{`cxdYrUs?9>zd9J32-)h>?m5?~y7e(<uvr&=jT^+5ADe%0
z(e@|)q7ZLP5Dms3F0H#~^`5oA&0!3WhrxMwq{`oacgLpP=imAL95#1=&GX!5#06VE
z09sqYbgRMKGr+E|aN+vZ!#s-IF~VDF;SC8)anGY{Q6yaN%y8&>gmKHGDU`UQugYt@
zE{No^sM%<QM37gE)RADFYFJbF)vW`5B=$@+NSA7ge&F;UHOSR3L=}G9KYolUo@I}-
z4uD01%^f94n_(=0(%_I0Eta6;z#V({UfQr5!yAmTSBTA;M3cDz?!t>NZru6DFL$s7
z_p|w<L0EG|KU-Aw>-<QwHp0UJc7s=Sqi7&-D?B_x7KcFd2H4^Xrw%A-Kl*j+f>FQ9
zEv!W~F2;jOswJp2Q#jYxWXlO2M&vG%&_tueSZTXpbKFKlu!B=N-H`OgA?<_vgOF=d
zLp=1|s(%5FG0Y=DhS=IZvIDh|>8fsRq~eyz4TSHNw{LGW<YX6<gls#c?G)@T2<X=d
zr|ywG{kq^`-K{!fyv{>c1ff&&BhNV)|Lo;nAln67nQzpb7wFO4=J<f-cuxzC<8HlD
zB~3cVBOVTsGgf_GF)WUSfk)06go52VHG-C5DXj}LdXPuWs<5TmsioQbUrBRF$tu|T
zLRoaTmSiDGk{93!Ex^VW0vOp3xE?vMV9PQsk~)a2vFG)OBnz+}V1r;w#+2>&k)Xm)
zxYed@m5yg5zF@7y=#O2auRcagi^RyZ=t*85bIEdGFB*w9;%k#&*Lfj#1wT4+ntLgu
zypuu2&pYhdoz5T#c9Wtt7z9Gm>(?G^59^V`$a7lgx-Sfa(Aac|{ZmhGg%{K-J~jon
zdVu2D(Yi#knaJ?c2~P1mJF~Lc=oht2x3rL{r{VY48dcJk{xbINw#mF@G_nI<I|ZAs
zxLQc169#DszLwH<Kx<4!7{0$5hO`6dz#}6fkK(}{moH!bh{D*G)0HzxYzX;il`Q8R
zp}2C6AC_^l$5YEw$$WFGF0IaM{Q9}z4DS+bp$zdOE_S>5+jco!PPYnDv=6Yu4T!rJ
zU>|j>LHKnqz<mkgW|DDRp^Uw}%Ew5~`dE>i>!<2A3ctUAWyf8_@}^{eiglv62zIUd
zXibBHaK~j3?xffbA2{8t`@(5dU4hNa@q$_{s7DTVUT08goZRm?{iNMsS*Atn^*W^@
z#XB}4!oAcXaq3Puoo+UK3ib|{3)|rnv<<<*9W}b2EaZ{mf;t^TvQ4oW8;HuhVsnb)
z+F%=;5*~8Z;@B00`^R0sUZybOSESt%B*E4tKe8i?rjOaud{1k5s(A}u$M)?E(~&M{
zioOZmK=aNv>3J`d+a$!bc|9k20UQT7K|7?u!zPZ+Ja3s(xlwCUqlP&}0g9ISkz;bC
zV2`w=X)?7u*4D@Rq@^JZw0VYy<=C0dQH#bSJGfPfJ{wF6Euq{<t&ipUq!Ems2>gnY
zwA^Lu=CfMX`>s@0&^aa84Vt4bXOQNlHVMIo+Ts;^xtV9|fu@0160ZaMA%K*Z-KS@_
z?}|7U)7~O!1B^-p!4`X1Aw6{|)){*@XSZdL@$-J$4krzQi!bSXDTHLJXo2v7q#&3)
zIH{PGi6j*sd7+P`?7;1nJK(F=bO?5Ht1j(Qt5OC|kjr=3)9Kg3^dyQm0aV8|Tx;mm
z=#2Yxo(;Wm-=ov5xl8R2s@TeKtX!FI)UsToVq;3v?;Azd@I^tgQ~6>dsx9bK8Fc(K
zyDS29?{o-pB-=B?sp8ZJnTFly3>^mTpL%+0w5s(i2XP&VXk)KVmUr57P|Aj!X92?8
z9G*3En8eow!KNUcvg6m}$kg`KmK`x0Iz!-(p3HnV44U=Sj--yb;LwIxyJs}xr*ku2
zn%AODv62~ppD91MRU!!XnHidyG8dd2n7frjmZQV)Drg5G-6_xcNChCv(H?HB)2KO8
z^HY1>hg!@NGZfQyzj7}hb?I8xJ6U&YzGuq{>KAglc~3G0_*OB(Hzk5#@`~9`Y>GEm
z@V2AVI=N!>&YSL(Isu=Q*<=uqhyQP*@7d(`t^J|g9lHSzwr|tnakD%;%Hv%m$Z$31
zKoIu1-uTf*R5qXGqocGt(}rhSqSz`f9l09<?6Sw<i$s27jy%!fbkz6wF~7l)Cn<NA
zw+Xf)*KVfx-6G;|wn_ZX@-_^A380YBMR~fH*TdFGZ%d@-LF9%10i~<PZvMlhrrQ%6
z^n{^1i3D2Nd<{{CgHBsWve2e(nzea5=@tNQ800nD?dkA^*=G#h@o!?XDPf}hC}+^}
zA&Lta|B_(WXu1XDO3T_b?XIh0+P3W94$_=Ir`2F7Hd5-gT4)cneyPO-UA$JLkV`~(
zeNMkUBcy286Y)Bti$b<Z8*zabG$!dF859x!r*v(3f&V!z@bjVDphMmM)+5;SB+hL)
zagxZ8gbna}f%3xq93_0{_AtcHHtCj6SN;M?*iSNx>{mrde@ltGAf{Y^+A&OWZpg`*
zb4v`BEC2NZBIJx{eZwFX#SmI$=>H+Ws{k#mh%TjQeEk9-vy@7<HPA0}Q5hsM0J?q&
zAfr*CqGqg3koz@2h8^h<t-k@dGCi?&meJKinl%fXbze5U`{Lr0JvqVIQ%9@KXz2t{
zN2?ryx*4Hao$vAWx%jjN7BjxMfWqT81$93`^A`ZV2=FBv;Tg0@Arl#%v=OG2A$yeo
z!LQmBro1}Pp>p1b6m?Z$P97@FfdZ6daLk2SDCg5ga(PGnI$fvKMYg9}wb}o`;3YHs
zWNI0TkoTYVm5L#Moz-UkN~f;7P>=FHe0{@K)NZtN>OyKJMLt!Ar`0W(GEc3#%(W*K
zes*dB`eu03&2iE7vo*yX#mwK;%&lab$%|CoX5Aa71U?mHxueQ+>aI`8?4y+FqC2g=
zTzqPZ-eSf-l8gzI<^s&a&y-qJLU#&;yD<b2QB%m@h*Jq-b#=GVSDg37xRrz*l9%L^
z5Xw1{L139eke4R%o~{DprS+$C5d&JORAI@q6zfT5`sFMaLyQ}85^O~aNnjNqT39eC
zMI}P4%s1xcpdijZPqF_jCOH<mR7H2(hM&~y1f~8WN02|zHB!}?j0_JPr>fI2U35aG
zLskGywY{tpq_i2BP9DW6CBe$mjF-~V{YVyyq9{!!UgwyA*MR<(1FR5i5po+*RPO3B
zP6DJ;G)tM)zsj@JT<1n2XxKvCOZ;R`e|mmHO}fh)6&d{rwzfr2Y{$~tn4>DT!e90R
z>;t$5AagB9l||8CRG(y<p-`1p?rViaMND)Z1UOWP1g)1z3$j9~wcy8ZL@IvNaD_K+
zl_z_36Q$GXx`)&{1*5o8JHvu_Ts(0wxk=g|^^4L*fK7JidXiw5<=uG+_EVXXPblYA
z4}M~%R5WbeX^fC!caqp0nUWpZcVaT;&{J_6l*cK@ziE*r1tasSU{%qWn152FVN`Ly
zO#GLknoX-_V)9O>EQjut8d^(>Bk9r)dZ57H(V*Ry&{ISJynLg51K#?O{494<{vr9P
z?KCHB)@>_1nX$r5IKZUzC~B?FhEks6FlDvq4O?9$t?|st<~1fKyGsrukVJJ%_1>vE
zQJ0tbU+t}=Lxhqf8tU0oC8%0)dZdGzZBwa3u+@d_##&~Nfi#oE@Ig!QQ!^Zzj0CUs
z;B}L#uFH6<TsG#uX?i4WqPbMeGN*J1b5N=V0i%SXWQiE5R}wht%Q(;}*xgzMZ3ul(
zZYN4GX)(4u+Z1c1w8Q500Ib#t5qbgo=p7*Pn1m9tbxCSSZ!Z)iqH<rYA!Lg5!aFP9
z+WXqef09oDCn#lEBLmVq$0lfAM-zF)%&D|J=EIiYYbn5uwjc=tHW#)6V5N;<BxS46
zw;CYzq)MFt(R?$&Edc9m3hK!Nn%4tt07y}I1T9d8g;2IAbUb4a5d7FCfZHvE+#@O=
zq+UkJbd_Y0P)H%1E?}|6X3=91<e8-lKeyQk+#n<@x^0Au24M%jq~1~pG6g4vOc3lk
zVD6z3$lM*X_&Dy5w5;?i9*8Pk=|OxA#6n};$?aTD`w04u0;Jv#Bn~u)zWf7&B*k$Y
z2qyp@vROQb7Re$(c-TgemHrIEqc(y%DuawX+DrV$Yy@-SXUWTe5gQ@#Fqx{z&jJxi
z2|0?dJi?X&gmIe%&IefvspktP4MHMh3PGw)>Y)X~2Zn;oOvzWhbSjL{EMLw}o5^{<
zfC4>2NGLp2fMB*1I1ECjnr0$H3L)`_NubJm^(QSE14T`nKKRgRvPH@Gz3C9l#k5uW
zQJP44RFa?kPHb*f>;;eK0j{uw`DOz|z7HVl0YxQ|_Okd_t<FiM>^5fC7E(Jkinb~X
zR2GFyGKcYhRX3qRCItT}z|R0)1IS$eN|z+kC%K%}mKV(GiM1CC+F5sPQJOW&Y}t>_
z!_!u+v2z#gnyDksY}rp8H|1Hn6Z=4N)H8}wWj}PvgU+k?dOf>mK;79YA8=+1Qkge~
zv)WAZY;c;V;UyW@YriDj*7<z5Vet{ZE&~|v1_hZ!fDEM)fc&S@6vDe0A`#{SVIF>_
z5UzeH3w##FCwvHL?g&Y>taPo7V5XTMq=huM?^268lDyW-X|_O6g(irG99ZeblpaV%
zDiNW5Ilu}4lLSMjm+4#;OOMV|vU80YX(|@zRLNK*#Y*b{Oy|cjT?2v3ayG~$6jU0f
zDMMh;9RS#!(lv^clI#|=I|Q;BeYAH;l(qQWmdf0tr5gar$|R2pX`hs1Od`Bw(q-tp
sk}Nqm?FHCJAaO>Jos>KalE~<6Bf|`;NMV%v0H#a}1L0sp^6Q`Y57{(aw*UYD

literal 0
HcmV?d00001

diff --git a/config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException.serialized b/config/src/test/resources/serialized/6.4.x/org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationException.serialized
new file mode 100644
index 0000000000000000000000000000000000000000..f771882b3de39663ba2cce10cb968e40abb8bba0
GIT binary patch
literal 16678
zcmeHPYm6Ml5$-*|&IUg)HhvO6Seu8#oL~5X9pJb-zc@eQJDcz_n%kYboAd6@dZzb$
zhX{!RL<v!X1p-A7IphaKgn%MJfJ7*fB8(#CPxwKk{74i<ijabkBIREs$EmM+rl;qz
zcYCoDCF1_HXS=Jbs;jE2tE<}g<4?t`z!wjD{*V>aeYZ9==-XB2tmmJ$0;kmQT{&(A
zcD1tAs{7ukTXuZv_eb55W7!Qk?9`-NvZd?QtUf?>Ci;5DN=_YvzZ?GK(F-rVy|7Ib
zdc`cq_dQ>V?Y%^`BSp0%qT0b!J4&AKbTH~3%-S>Ni`^44iwRZ}HdfF4;^seJHPqiG
z1mRgZVvpKZ#jXum#~ZYcs-yWm|M2Yn^R_?!7X^5245%S~dvVPjEBCB^KLgP}?0aYJ
zfr|6d2e;k0`|P{FnIUG<noD*gaHLq;3tSx_+Myx$^osdqN7`=XuoDFK5Wy`r;QA!=
zvgZLYFOYWWbiZ$x2;y@OBtW8po{Cc?r4Y&`L8D&x387QgTnADtQqvmJt#tIdf!s4z
zCj(GRbUo|fQ4L)AYEX7I{OvU?@r-y(%tUjw6f*~j(}o{$pd{F*S&KMm+jq;}y%*Q-
z#`L-n;$<SUDwbqsf<5=b3mbR*;mJ19ez%xC==oJ!9u)H`Zp}H;s17)OuUJ^B*g??i
z*<^-C$V|b|oL;e@?9c#&)P?b|w|&s9I0n?bsw0QJa-zp8Hxe-OtK4(a@dL72Ml@D0
z2vOK7#SFV%mty~f#@EMNs4v_&U1W+Osy@ee?TY&d45Qx(Bq^e!bzlo(Bh^*x>Ok2p
zk{QshD{kLbuk&IT5r<+sxLqv8E->iU2&PsdeY!R2_%*v?4LLQ(x25M>RW~SE`=g)T
z4(%B9OR+558B%T!XFDdvLm|aGnou0JYvl?_(mFvNqmPWS;yPtb;+XH1$T&gwhKT_}
z9v0KS(6f&_L8Br~Zgzy+?ESa6IiPrzVqGpT;c&>wT;e3lz~dnU8=EkodEaN3$bh9-
zlImgXKytmguKO7+nj6p*rMPBD>CQRgm7SAzrD1BN?Ht2P(Tt6Qk!keQhG=UM8>yaf
zk@F)eX$s;!&CyNxx><^=BiLi!h-WhYN*1)_JGOL=4vaXZg#O-5f#RoS;u=W-NU>bu
zI_`N=;X4=_yE(0sr;(90Q41d{TK(6UKSN1eSMq9Q7sr@g*+;JLXpMnPBJ7D4gHj}t
zMQPql@CzYNpKHQXXWczmtyf5};g>dzohF*Mv_y8}>vkz-E2;)i;iLw-7GF!~<e=@y
z&dBL%_&yyLp^swc=>*Z_wo8{T{gXW2ts~{ru^aK7!3t^4IzldJ)H%#9wX>vlvf}yr
zW<#Mk=eV^|@3ga7in)9m4A?jrXK&eQZML>4e?~`!I9vz2ccJN|VKoWAy3lmTfSZWN
zEx9~)I~8Y$_^b`(@wslIVJ+}|IV9V55y|E8Q5MNWQIX;*_0b#$`RlezKurF+12!<y
zsJYUrS8R!M&nkJ<s#gmv9MaZtC2=yp6ZDe~jwPv{P_9=i5h>b{5^*x@4JmDlDUCGh
zE}aXO!#==r#^}W2AWqFbNE%X69YrkZu1Jj(50)IKY*LC`;PDnH#WZ-=B2e`Fu3_7)
z70KhcW!75^B*mKeM|y^qbic{X_gYxDbZR*1t$vFByoT%<3p;4t>8^0ybNNICyC$t?
znHHM+(A-alsfNROk8?k(nNyirs}i&N9r6O?EweL+c%~Hhw<Kv&H3#Cgp&r&WxPdfJ
zJAN@Trcvq%;Ybg5g}l#t-9uX_Gc%OO(l99T22Xl!S#et2Y|7@Lkk`8|msj8!kYZs-
z(d88+X{kd(ioTX;MOLoY8Cjt2aLTdOf&9H_5?00@iuUmrE{kG5?px8##|p3OUMUuo
zutPd)%+_i1;1?TG!1%e()Wd@sfRC$z3_yHTGy(WMV~~PlEakIOo}}yqCEvwXwqW+k
z9Prhx2c)>Z*-&UwD-sHhfs4D$<s1x|>5K)h9cbv+a08+M(;9Xu^z}=_bXBcb`r6gy
zRdAGX<eTjbd6}bpV?xp&X+fUB7e%m(lr6@rnv6b`0>{s@CP4RO0Ffu#GsUGMKm<?y
zc5s^FM)PO5yj7v7!&M%~%_X3Ny)s_hVX~-%4L%!aMl)-8Mz7(^_<Br=2~a2W_)VTE
zg>gK!q(`iVVhH>bE@rmvdyQJ+L{iZ(D73)V?kTPK>CB23XQgOjET<;mXTlCRz$aJo
zr75bJ(jyKTuw$1G7={kTE2r)Gbp1riMhawUT7!*b8Z-u~ZsM%_nAai2$tkjFnqRTo
z8MNsJ*F9ddt8U5U71$rk$mT;PiiRyM3-E0Qkb-Zct@x(sa0PACJFVdz6P~=uL6%8|
zwW?<AIea}IU(`c;DC&zk0^4^ec-+LnBZqf^B*j&&eV*TAmxhnlgQET{9v!69nGQVN
z6GU3EDdet8kV}Wd7YO~v40^)jP^e#Wj=6OQDV5^3;ua~c%k=9dvd>8)f3rp8TZ>!3
z+xOArBD%oQ{rQQ3-eI5@0QBO20n-&DH~T&k(@n7sI(^?BN3N}?zxpT{LeZAWyDZS%
zp?Vk5EdbVV+^N!OPr(;fpVCF!KZwYUF_F-YG72poAiuzJmSRqbHwRr|NsFr8c|}y)
zlKxu(n(?Qk7!1J%O58>doq@(LwV5D`*YX5%kr1!T$hUKV1Z|gOw2$bbknReV*k1DL
z;}l4GdC33Hrp-BzpV0<C>)Uk->bjcG5YH1k8#3&~o*{M{p!XuBkeyM=4bknP&pFdT
zp5CtHa3Wq$ZL(kH0sS?>ZhM3|2ehr9_*|diGh>#R%I@Kf93*6n=>3TX%JU(#%P{^b
znjfKQqD2fTLF4P^Xi{6LU}^*7@8tlI0?_*lH0+IX1vO=90^P52$dMe;`#ze>lapv=
z8(le|X|;%H^A(euFEUf<$O*=th=@0#hcCb?w8{XmV_*Ok-vi()X3#z5iwiJ(&BUPY
zC+L0x&68-pZUUS`Pl|_cm;jUVkiJR);kQf-6J8xCsGRjNd0kb*<DgOp6u`vJG2><-
z|C=@E-@(_@be&Qc+0IJEB>$3z`>abDg7^eY>p}(er_<8R-q>!?R;8>DKhK$h;;IJS
zhq>mON|8^L;c0dYrp!~bA${#hxSyz|*fYhOZiY%&YFm{*kWc&r7EdDCrt=~dyHP6*
zQv#n~JE%&Yy6aOi`zU3)=uR76F4j&knos!ENH2wU`YO!D&xBYWnhfCf6hQVyoJbI>
zt2<~Zf^;uE>&jsx3ERh)WL=tq?^4DQPXfsVmr;s*bB^+o@(Xhjy`fO4!jkIAm(vNo
zN;v-lm)8;;bTB}EW-HA>RH=%YSQgi(qRuQIBna^+`TjFl<dAPu!QHa!Zd|XEl==%S
zN%lb3NL6RjR&?kDRh^E7MJHrBxB{pP^TjYhN{4|Sbb=_QBt>zO`OGcdkGN121W7c}
zKF0z|2z3i9(5#eV9&#H&P~5y(8wr3;(JDEse}z{WQk@w{s$7TfDM0T|qQ^P?$?5eq
z=q|5Cq~#~Y>Lw$R9t&$DimKQOdr=ineBF&EbyZ1}MKPXNpA?(;?r;F(9DC#eQ4tg4
z_n_&`#RMr7NeWz{45i>k&q>N|P`71i*eFkShh0?rqU#<~>*S20&d?azqj}N7L1a1W
zAHhiB7Brj8!F9yJPQ$vh9CUfa)R;0}^)@IXN=3uwgIWm*at{)@BNLJ%{f>=C6gtax
zo$@%v=r?V$xL~AT6|Bgc6VZ>0G=eJbmx%siRI_Q<jE!%#iad1(OK2@^j(Eth)nC&j
zeib*lt>R@Log1*$d-=1tjq(ri&rnY@{6@{x!V@ViOyFZO6rj>wv>C!|DCId0Q&x+f
zyVX?E8ZWX;T0^|pJv@z?*sH@<?wn{4b$QPJhH@Yo!j;6{FyxIYL6x%A$p)&AO(hN~
zR_69=ZD|h=ZpMk=J%+VROt5b}kWRG|51~|bo&Bvc*@*g$lLLh+nn}eh9i@Yr{VW<d
zj6ye>o=B)TE_)zJiluH3MbHA%`}sIgjIqYV(sWlOl|rI)a)@bx1-PKXL3%QXJSMT@
zi#2g-C_G-sNd(27YF%=Q^pSU$y|wp;=l{sB2FEC6StSM1lSnQ*Eue+GtX_W5nhIMZ
zI)cyMCHT42T(o)<hwf!)mZMo=0%%UfDvYg0lX!ilB0zMnL9-UkIupa==;6yBhqFce
zOkhaA-vYo!14G+6jo~JI!3~OA41mmgD*$}n1b8I}L*nVwl;2hX;TDsGdPRlqZD?4q
zx0wK3F=jc$tJrA*T+mE%<i;Ul0^qG2fV~EW%u6P~-w^@)FCL&|qv10juzCc|Q8dRQ
zrm->iqK5@{9AABC5)TYw3*-8H_60(m1Gx{A+29^9Nj$4b!~hSO0H<;Q9yS3~EDb0d
z4L=<ynE?7qAlMKXV9*2@(IkfPm0g8;M}aX0%>vx2F~k7c|3Q))asd7#4<JBCRsQjn
zxRr3Y#oA<tm93M1q?wE{jGKabDhEKHIanrqyE2#<LjoYShtF=d27+RT%(`fjUr>c?
zi1QgV*$l;pTGUMd^vzW~2hiuyBy^FN;rwo-ZdDD&oEOksW{vYr9RK16Xt-d&X3&M7
z#$(BrY5`ZQ5K6Uf(4S;=EdjN{cuS=Rs+)qR*R`D9z*kC6EoJbpT+O5<OjPLvr$0sW
zHk#>rSMJ+_maL#~k%c*37Zm4VN|)&{uGr?BR*U$on=el8yi+rAtWMVj1^=h77V3i7
z-qRH;Sk;xNvQA5r%!y6!@}${Pe9nmi1n`A6G&3Olgd5m_9tM~NfY}*<4>UkK0On=@
zUY!g;Uu>Hd!#I(_JZKVy`B8+AW$HUZjG?g51c;ZZF(j9%Z{G!`!^y6M98Ty}GyzbR
zD2U)XG@K377>GxzA)$W-nw4l)MGRultj}Oj=eIC;if1A_re^Ar1_o8Oc0C4h8~cB#
zcYsag;Brb4lhi3N$wC8ZCyN*lvXHi*e=9ZVlt22nGYArlh1(LTee~=^vkQ$*v_ia3
z@En~fFX(g`1}`U#4oXPK6gcmfu#|D8iThG2%M6+=q@XeJ02-u9;^knc9HJhzonwG|
z>P+wO80C()B59radjaXcQosfA`0oXPDayiC+C*EgxGMVJDU@;sDf+MDa~=FufiC(#
W1l%!3`Fw_Qeg3-zl({a^*uMY}4DY@G

literal 0
HcmV?d00001

diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/Saml2Exception.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/Saml2Exception.java
index dc4e6bb770..3595dec00a 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/Saml2Exception.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/Saml2Exception.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2019 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,11 +16,16 @@
 
 package org.springframework.security.saml2;
 
+import java.io.Serial;
+
 /**
  * @since 5.2
  */
 public class Saml2Exception extends RuntimeException {
 
+	@Serial
+	private static final long serialVersionUID = 6076252564189633016L;
+
 	public Saml2Exception(String message) {
 		super(message);
 	}
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationException.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationException.java
index 6ee38c6d60..36075ba0df 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationException.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationException.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
 
 package org.springframework.security.saml2.provider.service.authentication;
 
+import java.io.Serial;
+
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.saml2.core.Saml2Error;
@@ -40,6 +42,9 @@ import org.springframework.util.Assert;
  */
 public class Saml2AuthenticationException extends AuthenticationException {
 
+	@Serial
+	private static final long serialVersionUID = -2996886630890949105L;
+
 	private final Saml2Error error;
 
 	/**