Josh Cummings
6eadf7b140
Unlock dependencies for 5.3.0.RELEASE
...
This reverts commit 147d7dadd7
.
2020-03-04 12:02:48 -07:00
Josh Cummings
147d7dadd7
Lock dependencies for 5.3.0.RELEASE
2020-03-04 10:28:39 -07:00
Filip Hanik
3257349045
Support POST binding for AuthNRequest
...
Has been tested with
- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp
This PR extends (builds on previous commits and adds user configuration
options)
https://github.com/spring-projects/spring-security/pull/7758
2020-02-28 09:15:26 -08:00
Filip Hanik
a51a202925
Correct signature handling for SAML2 AuthNRequest
...
Implements the following bindings for AuthNRequest
- REDIRECT
- POST (future PR)
Has been tested with
- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp
Fixes gh-7711
2020-02-12 13:30:48 -08:00
Filip Hanik
43098d41cc
Revert "Correct signature handling for SAML2 AuthNRequest"
...
This reverts commit a3e09fadd7
.
Build failure on Java 9+
XML generation does not add linefeeds by default
Change since Java 8
2020-02-12 13:30:48 -08:00
Filip Hanik
a3e09fadd7
Correct signature handling for SAML2 AuthNRequest
...
Implements the following bindings for AuthNRequest
- REDIRECT
- POST (future PR)
Has been tested with
- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp
Fixes gh-7711
2020-02-12 11:40:19 -08:00
Eleftheria Stein
84b8a5abd7
Unlock dependencies for next development version
...
This reverts commit 064616f1ef
.
2020-02-05 15:53:04 +01:00
Eleftheria Stein
064616f1ef
Lock dependencies for 5.3.0.RC1
2020-02-05 10:20:05 +01:00
Eleftheria Stein
5678490c1f
Add relying party registration not found exception
...
Fixes: gh-7865
2020-02-04 09:58:54 +01:00
Eleftheria Stein
fcc6457bef
Unlock dependencies for next development version
...
This reverts commit 93acf8f0f1
.
2020-01-08 22:15:17 +01:00
Eleftheria Stein
93acf8f0f1
Lock dependencies for 5.3.0.M1
2020-01-08 19:41:10 +01:00
Filip Hanik
9d26f12e86
Add an example of Base64 encoding that failed with java.util.Base64
...
Revert usage to Apache Commons Codec (dependency by OpenSaml)
2020-01-01 15:45:10 -08:00
Filip Hanik
af415948b1
Allow configuration of AuthenticationManagerResolver in saml2Login()
...
Fixes gh-7654
https://github.com/spring-projects/spring-security/issues/7654
2019-12-17 13:34:27 -08:00
Eleftheria Stein
da3f18017d
Polish SAML2 principal classes
...
Update @since
Issue: gh-7681
2019-12-12 20:22:58 +01:00
Clement Stoquart
31b999e9b4
fix: make Saml2Authentication serializable
2019-12-12 17:11:00 +01:00
Clement Stoquart
0c47bfb1e3
Remove empty relay state from redirect url
2019-12-10 09:49:54 -08:00
Filip Hanik
0cafcf37e2
Make the loginProcessingUrl configurable for saml2Login()
...
Fixes gh-7565
https://github.com/spring-projects/spring-security/issues/7565
2019-10-31 08:20:12 -07:00
Mike Truso
a4430aa21b
Fix variable reference in sample code
2019-10-29 14:04:05 -06:00
Filip Hanik
0f14844acf
We will not validate IP addresses as part of assertion validation
...
Fixes gh-7514
https://github.com/spring-projects/spring-security/issues/7514
2019-10-28 20:08:42 -07:00
Brendt Lucas
8ebfba3019
Support configuration of protocol binding for authentication requests
2019-10-15 15:57:45 -05:00
Filip Hanik
83b5f5c7ae
Improve the Saml2AuthenticationRequest object
...
- introduce the AssertionConsumerServiceURL attribute
- add javadoc
- align property name with SAML XML for AuthNRequest
2019-09-30 11:01:34 -07:00
Filip Hanik
9731386de5
Correctly set "Destination" in AuthNRequest message
...
Fixes gh-7494
https://github.com/spring-projects/spring-security/issues/7494
2019-09-30 11:01:34 -07:00
Filip Hanik
69eacac514
Fix javadoc for RelyingPartyRegistrationRepository
2019-09-30 09:22:36 -07:00
Filip Hanik
7adb4da3ef
Always require signature on either response or assertion
...
Fixes gh-7490
https://github.com/spring-projects/spring-security/issues/7490
2019-09-30 09:22:36 -07:00
Filip Hanik
22da2b45c9
SAML Assertion validation should propagate errors: #7375 and #7375
...
Fixes gh-7377
Fixes gh-7375
https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375
Clean up code
- Authentication request factory should only throw Saml2Exception
- OpenSamlImplementation should only throw Saml2Exception
- Move the OpenSamlImplementation package private methods to the right
section
2019-09-27 09:07:25 -07:00
Filip Hanik
b6a057a925
OpenSAML expects type `long` representing millis for response time validation skew
...
Fixes gh-7448
https://github.com/spring-projects/spring-security/issues/7448
2019-09-27 09:07:25 -07:00
Filip Hanik
adde18b873
Revert "Merge pull request #7432 from fhanik/feature/propagate_saml_authentication_exception"
...
This reverts commit e9619fb0e7
, reversing
changes made to 45a1490d5d
.
2019-09-24 16:05:09 -07:00
Filip Hanik
d472e99528
SAML Assertion validation should propagate errors: #7375 and #7375
...
Fixes gh-7377
Fixes gh-7375
https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375
2019-09-24 14:40:39 -07:00
Filip Hanik
20033ffd4a
OpenSAML expects type `long` representing millis for response time validation skew
...
Fixes gh-7448
https://github.com/spring-projects/spring-security/issues/7448
2019-09-24 14:40:39 -07:00
Filip Hanik
438ae215f8
Upgrade to OpenSAML 3.4.3
...
Fixes gh-7392
2019-09-06 08:04:15 -07:00
Josh Cummings
c716b400a1
Update to OpenSaml 3.3.1
...
Fixes gh-7388
2019-09-06 07:20:13 -06:00
Filip Hanik
e9a44bc0ce
HttpSecurity.saml2login() - MVP Core Code
...
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:
- Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
- Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
- Supports basic java-configuration via DSL
- Provides an integration sample using Spring Boot
Not implemented with this MVP
- Single Logout
- Dynamic Service Provider Metadata
Fixes gh-6019
2019-09-05 14:40:08 -07:00