BAEL-4628 - Spring Security SAMl with Okta

2021-02-24 07:57:42 +02:00 · 2021-02-24 07:57:42 +02:00 · bb5cf873c8
parent bc4ea42b7d
commit bb5cf873c8
6 changed files with 19 additions and 26 deletions
--- a/spring-security-modules/spring-security-saml/pom.xml
+++ b/spring-security-modules/spring-security-saml/pom.xml
@ -23,14 +23,14 @@
 	</repositories>

 	<dependencies>
-		<dependency>
+        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
-        </dependency>
+            </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
@ -40,7 +40,7 @@
            <artifactId>spring-security-saml2-core</artifactId>
            <version>${saml2-core.spring.version}</version>
        </dependency>
-	</dependencies>
+    </dependencies>

 	<build>
 		<finalName>spring-security-saml</finalName>
--- a/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/SamlSecurityConfig.java
+++ b/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/SamlSecurityConfig.java
@ -129,12 +129,6 @@ public class SamlSecurityConfig {
        samlEntryPoint.setDefaultProfileOptions(defaultWebSSOProfileOptions());
        return samlEntryPoint;
    }
-    
-    @Bean
-    public SAMLDiscovery samlIDPDiscovery() {
-        SAMLDiscovery idpDiscovery = new SAMLDiscovery();
-        return idpDiscovery;
-    }

    @Bean
    public ExtendedMetadata extendedMetadata() {
--- a/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/WebSecurityConfig.java
+++ b/spring-security-modules/spring-security-saml/src/main/java/com/baeldung/saml/config/WebSecurityConfig.java
@ -53,8 +53,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private SAMLLogoutProcessingFilter samlLogoutProcessingFilter;

-    @Autowired
-    private SAMLDiscovery samlDiscovery;
+    @Bean
+    public SAMLDiscovery samlDiscovery() {
+        SAMLDiscovery idpDiscovery = new SAMLDiscovery();
+        return idpDiscovery;
+    }

    @Autowired
    private SAMLAuthenticationProvider samlAuthenticationProvider;
@ -89,7 +92,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
        chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SSO/**"),
            samlWebSSOProcessingFilter()));
        chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/discovery/**"),
-            samlDiscovery));
+            samlDiscovery()));
        chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/login/**"),
            samlEntryPoint));
        chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/logout/**"),
@ -115,21 +118,21 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
        http
        .csrf()
        .disable();
-    
+
        http
        .httpBasic()
        .authenticationEntryPoint(samlEntryPoint);
-    
+
        http
        .addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
        .addFilterAfter(samlFilter(), BasicAuthenticationFilter.class)
        .addFilterBefore(samlFilter(), CsrfFilter.class);
-    
+
        http
        .authorizeRequests()
        .antMatchers("/").permitAll()
        .anyRequest().authenticated();
-    
+
        http
        .logout()
        .addLogoutHandler((request, response, authentication) -> {
--- a/spring-security-modules/spring-security-saml/src/main/resources/application.properties
+++ b/spring-security-modules/spring-security-saml/src/main/resources/application.properties
@ -1,6 +1,6 @@
 saml.keystore.location=classpath:/saml/samlKeystore.jks
-saml.keystore.password=oktaiscool
-saml.keystore.alias=oktasaml
+saml.keystore.password=<key_pass>
+saml.keystore.alias=<key_alias>

-saml.idp=http://www.okta.com/exk26fxqrz8LLk9dV4x7
+saml.idp=<idp_issuer_url>
 saml.sp=http://localhost:8080/saml/metadata
--- a/spring-security-modules/spring-security-saml/src/main/resources/templates/home.html
+++ b/spring-security-modules/spring-security-saml/src/main/resources/templates/home.html
@ -6,10 +6,8 @@
 <body>
    <h3><Strong>Welcome!</strong><br/>You are successfully logged in!</h3>
    <p>You are logged as <span class="badge badge-dark" th:text="${username}">null</span>.</p>
-    <small class="d-block text-right mt-3" id="sso-btn">
-        <a th:href="@{/logout}" class="btn btn-spring btn-sm">
-            <i class="far fa-user-circle"></i> Logout
-        </a>
+    <small>
+        <a th:href="@{/logout}">Logout</a>
    </small>
 </body>
 </html>
--- a/spring-security-modules/spring-security-saml/src/main/resources/templates/index.html
+++ b/spring-security-modules/spring-security-saml/src/main/resources/templates/index.html
@ -5,8 +5,6 @@
 </head>
 <body>
    <h3><Strong>Welcome to Baeldung Spring Security SAML</strong></h3>
-    <a th:href="@{/auth}" class="btn btn-spring btn-sm">
-        <i class="far fa-user-circle"></i> Login
-    </a>
+    <a th:href="@{/auth}">Login</a>
 </body>
 </html>