Commit Graph

19 Commits

Author SHA1 Message Date
Filip Hanik af415948b1 Allow configuration of AuthenticationManagerResolver in saml2Login()
Fixes gh-7654

https://github.com/spring-projects/spring-security/issues/7654
2019-12-17 13:34:27 -08:00
Eleftheria Stein da3f18017d Polish SAML2 principal classes
Update @since

Issue: gh-7681
2019-12-12 20:22:58 +01:00
Clement Stoquart 31b999e9b4 fix: make Saml2Authentication serializable 2019-12-12 17:11:00 +01:00
Clement Stoquart 0c47bfb1e3 Remove empty relay state from redirect url 2019-12-10 09:49:54 -08:00
Filip Hanik 0cafcf37e2 Make the loginProcessingUrl configurable for saml2Login()
Fixes gh-7565

https://github.com/spring-projects/spring-security/issues/7565
2019-10-31 08:20:12 -07:00
Mike Truso a4430aa21b Fix variable reference in sample code 2019-10-29 14:04:05 -06:00
Filip Hanik 0f14844acf We will not validate IP addresses as part of assertion validation
Fixes gh-7514

https://github.com/spring-projects/spring-security/issues/7514
2019-10-28 20:08:42 -07:00
Brendt Lucas 8ebfba3019 Support configuration of protocol binding for authentication requests 2019-10-15 15:57:45 -05:00
Filip Hanik 83b5f5c7ae Improve the Saml2AuthenticationRequest object
- introduce the AssertionConsumerServiceURL attribute
- add javadoc
- align property name with SAML XML for AuthNRequest
2019-09-30 11:01:34 -07:00
Filip Hanik 9731386de5 Correctly set "Destination" in AuthNRequest message
Fixes gh-7494
https://github.com/spring-projects/spring-security/issues/7494
2019-09-30 11:01:34 -07:00
Filip Hanik 69eacac514 Fix javadoc for RelyingPartyRegistrationRepository 2019-09-30 09:22:36 -07:00
Filip Hanik 7adb4da3ef Always require signature on either response or assertion
Fixes gh-7490
https://github.com/spring-projects/spring-security/issues/7490
2019-09-30 09:22:36 -07:00
Filip Hanik 22da2b45c9 SAML Assertion validation should propagate errors: #7375 and #7375
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375

Clean up code

- Authentication request factory should only throw Saml2Exception
- OpenSamlImplementation should only throw Saml2Exception
- Move the OpenSamlImplementation package private methods to the right
section
2019-09-27 09:07:25 -07:00
Filip Hanik b6a057a925 OpenSAML expects type `long` representing millis for response time validation skew
Fixes gh-7448

https://github.com/spring-projects/spring-security/issues/7448
2019-09-27 09:07:25 -07:00
Filip Hanik adde18b873 Revert "Merge pull request #7432 from fhanik/feature/propagate_saml_authentication_exception"
This reverts commit e9619fb0e7, reversing
changes made to 45a1490d5d.
2019-09-24 16:05:09 -07:00
Filip Hanik d472e99528 SAML Assertion validation should propagate errors: #7375 and #7375
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375
2019-09-24 14:40:39 -07:00
Filip Hanik 20033ffd4a OpenSAML expects type `long` representing millis for response time validation skew
Fixes gh-7448

https://github.com/spring-projects/spring-security/issues/7448
2019-09-24 14:40:39 -07:00
Filip Hanik 438ae215f8 Upgrade to OpenSAML 3.4.3
Fixes gh-7392
2019-09-06 08:04:15 -07:00
Filip Hanik e9a44bc0ce HttpSecurity.saml2login() - MVP Core Code
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:

  - Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
  - Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
  - Supports basic java-configuration via DSL
  - Provides an integration sample using Spring Boot

Not implemented with this MVP

  - Single Logout
  - Dynamic Service Provider Metadata

Fixes gh-6019
2019-09-05 14:40:08 -07:00