JAVA-29301: minor change to spring-security-saml2 (#15862)
This commit is contained in:
parent
11ed4356b5
commit
9a7e33f5df
|
@ -2,7 +2,6 @@ package com.baeldung.saml;
|
|||
|
||||
import static org.springframework.security.config.Customizer.withDefaults;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
|
@ -13,26 +12,30 @@ import org.springframework.security.saml2.provider.service.registration.RelyingP
|
|||
import org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver;
|
||||
import org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter;
|
||||
import org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter;
|
||||
import org.springframework.security.web.DefaultSecurityFilterChain;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
public class SecurityConfig {
|
||||
|
||||
@Autowired
|
||||
private RelyingPartyRegistrationRepository relyingPartyRegistrationRepository;
|
||||
private final RelyingPartyRegistrationRepository relyingPartyRegistrationRepository;
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
||||
DefaultRelyingPartyRegistrationResolver relyingPartyRegistrationResolver = new DefaultRelyingPartyRegistrationResolver(this.relyingPartyRegistrationRepository);
|
||||
DefaultRelyingPartyRegistrationResolver relyingPartyRegistrationResolver = new DefaultRelyingPartyRegistrationResolver(
|
||||
this.relyingPartyRegistrationRepository);
|
||||
Saml2MetadataFilter filter = new Saml2MetadataFilter(relyingPartyRegistrationResolver, new OpenSamlMetadataResolver());
|
||||
|
||||
http.csrf(AbstractHttpConfigurer::disable).authorizeHttpRequests(authorize -> authorize.anyRequest().authenticated())
|
||||
.saml2Login(withDefaults())
|
||||
.saml2Logout(withDefaults())
|
||||
.addFilterBefore(filter, Saml2WebSsoAuthenticationFilter.class);
|
||||
DefaultSecurityFilterChain chain = http.build();
|
||||
return chain;
|
||||
http.csrf(AbstractHttpConfigurer::disable)
|
||||
.authorizeHttpRequests(authorize -> authorize.anyRequest()
|
||||
.authenticated())
|
||||
.saml2Login(withDefaults())
|
||||
.saml2Logout(withDefaults())
|
||||
.addFilterBefore(filter, Saml2WebSsoAuthenticationFilter.class);
|
||||
return http.build();
|
||||
}
|
||||
|
||||
public SecurityConfig(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository) {
|
||||
this.relyingPartyRegistrationRepository = relyingPartyRegistrationRepository;
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue