Merge pull request #11077 from rmkellogg/spring-saml-docs

Spring Security SAML - Minor documentation update & File Load Improvement
kwoyke 2021-09-24 21:10:49 +02:00 committed by GitHub
commit 48bc32bad5
2 changed files with 18 additions and 7 deletions


@ -5,10 +5,13 @@ import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Timer;
import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.saml2.metadata.provider.ResourceBackedMetadataProvider;
import org.opensaml.util.resource.ClasspathResource;
import org.opensaml.util.resource.ResourceException;
import org.opensaml.xml.parse.StaticBasicParserPool;
import org.springframework.beans.factory.annotation.Qualifier;
@ -141,13 +144,19 @@ public class SamlSecurityConfig {
@Bean
@Qualifier("okta")
public ExtendedMetadataDelegate oktaExtendedMetadataProvider() throws MetadataProviderException {
File metadata = null;
// Use the Spring Security SAML resource mechanism to load
// metadata from the Java classpath. This works from Spring Boot
// self contained JAR file.
org.opensaml.util.resource.Resource resource = null;
try {
metadata = new File("./src/main/resources/saml/metadata/sso.xml");
} catch (Exception e) {
resource = new ClasspathResource("/saml/metadata/sso.xml");
} catch (ResourceException e) {
e.printStackTrace();
}
FilesystemMetadataProvider provider = new FilesystemMetadataProvider(metadata);
Timer timer = new Timer("saml-metadata");
ResourceBackedMetadataProvider provider = new ResourceBackedMetadataProvider(timer,resource);
provider.setParserPool(parserPool());
return new ExtendedMetadataDelegate(provider, extendedMetadata());
}
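Review bot: The `catch (ResourceException e)` branch in `oktaExtendedMetadataProvider()` only calls `e.printStackTrace()`, so if `/saml/metadata/sso.xml` is missing from the classpath, `resource` stays null and is still passed to `new ResourceBackedMetadataProvider(timer,resource)`. The IdP metadata is the trust anchor for SAML logins, so the bean should fail at startup with the real cause rather than (presumably) a later, less specific error. The method already declares `throws MetadataProviderException`, so the handler could be `throw new MetadataProviderException("Cannot load IdP metadata /saml/metadata/sso.xml from classpath", e);`. Separately, `new Timer("saml-metadata")` starts a non-daemon thread that nothing visible in this hunk cancels; `new Timer("saml-metadata", true)` would keep it from holding the JVM open on shutdown.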


@ -1,6 +1,8 @@
saml.keystore.location=classpath:/saml/samlKeystore.jks
# Password for Java keystore and item therein
saml.keystore.password=<key_pass>
saml.keystore.alias=<key_alias>
# SAML Entity ID extracted from top of SAML metadata file
saml.idp=<idp_issuer_url>
saml.sp=http://localhost:8080/saml/metadata
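Review bot: The new comment above `saml.keystore.password` says one password covers both the keystore and the key entry, but not where the real value should come from. The keystore is loaded from `classpath:/saml/samlKeystore.jks`, so a reader who fills in `<key_pass>` in this file would likely commit the signing-key password alongside the key it protects. The comment could read `# Password for Java keystore and item therein; supply via environment or external config, never commit a real value`.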