Merge pull request #11077 from rmkellogg/spring-saml-docs

Spring Security SAML - Minor documentation update & File Load Improvement
2021-09-24 21:10:49 +02:00 · 2021-09-24 21:10:49 +02:00 · 48bc32bad5
parent 0fd6e90f3c dddf541bb8
commit 48bc32bad5
2 changed files with 18 additions and 7 deletions
--- a/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/SamlSecurityConfig.java
+++ b/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/SamlSecurityConfig.java
@ -5,10 +5,13 @@ import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Timer;

 import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
 import org.opensaml.saml2.metadata.provider.MetadataProvider;
 import org.opensaml.saml2.metadata.provider.MetadataProviderException;
+import org.opensaml.saml2.metadata.provider.ResourceBackedMetadataProvider;
+import org.opensaml.util.resource.ClasspathResource;
 import org.opensaml.util.resource.ResourceException;
 import org.opensaml.xml.parse.StaticBasicParserPool;
 import org.springframework.beans.factory.annotation.Qualifier;
@ -141,13 +144,19 @@ public class SamlSecurityConfig {
    @Bean
    @Qualifier("okta")
    public ExtendedMetadataDelegate oktaExtendedMetadataProvider() throws MetadataProviderException {
-        File metadata = null;
-        try {
-            metadata = new File("./src/main/resources/saml/metadata/sso.xml");
-        } catch (Exception e) {
-            e.printStackTrace();
-        }
-        FilesystemMetadataProvider provider = new FilesystemMetadataProvider(metadata);
+		// Use the Spring Security SAML resource mechanism to load
+    	// metadata from the Java classpath.  This works from Spring Boot 
+    	// self contained JAR file.
+		org.opensaml.util.resource.Resource resource = null;
+
+		try {
+			resource = new ClasspathResource("/saml/metadata/sso.xml");
+		} catch (ResourceException e) {
+			 e.printStackTrace();
+		}
+		
+        Timer timer = new Timer("saml-metadata");
+        ResourceBackedMetadataProvider provider = new ResourceBackedMetadataProvider(timer,resource);
        provider.setParserPool(parserPool());
        return new ExtendedMetadataDelegate(provider, extendedMetadata());
    }
--- a/spring-security-modules/spring-security-saml/src/main/resources/application.properties
+++ b/spring-security-modules/spring-security-saml/src/main/resources/application.properties
@ -1,6 +1,8 @@
 saml.keystore.location=classpath:/saml/samlKeystore.jks
+# Password for Java keystore and item therein
 saml.keystore.password=<key_pass>
 saml.keystore.alias=<key_alias>

+# SAML Entity ID extracted from top of SAML metadata file
 saml.idp=<idp_issuer_url>
 saml.sp=http://localhost:8080/saml/metadata