Comments (3)
Just in case.. The way i fixed the issue is as below
http
.addFilterBefore(samlLogoutFilter(), LogoutFilter.class)
.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
.addFilterAfter(samlFilter(), BasicAuthenticationFilter.class);
http
.logout()
.logoutUrl("/saml/logout/**")
.logoutSuccessUrl("/logout");
and then commented out the code for logout filter below
public FilterChainProxy samlFilter() throws Exception {
List<SecurityFilterChain> chains = new ArrayList<>();
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/login/**"),
samlEntryPoint()));
/*chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/logout/**"),
samlLogoutFilter())); */
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/metadata/**"),
metadataDisplayFilter()));
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SSO/**"),
samlWebSSOProcessingFilter()));
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SSOHoK/**"),
samlWebSSOHoKProcessingFilter()));
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SingleLogout/**"),
samlLogoutProcessingFilter()));
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/discovery/**"),
samlIDPDiscovery()));
return new FilterChainProxy(chains);
}
from spring-boot-security-saml-sample.
Thanks for your contribution.
from spring-boot-security-saml-sample.
Hi @rakpan
I want to configure multiple metadatageneratorFilters in the before filter can i do it as below since i have that i have two IDP's configured at the same application
`http
.addFilterBefore(xyzMetadataGeneratorFilter(),ChannelProcessingFilter.class)
.addFilterBefore(abcMetadataGeneratorFilter(),ChannelProcessingFilter.class)
.addFilterAfter(samlFilter(),BasicAuthenticationFilter.class);
@bean
public MetadataGeneratorFilter abcMetadataGeneratorFilter() {
return new MetadataGeneratorFilter(abcMetadataGenerator());
}
@bean
public MetadataGeneratorFilter xyzMetadataGeneratorFilter() {
return new MetadataGeneratorFilter(xyzMetadataGenerator());
}
@bean
public MetadataGenerator abcMetadataGenerator() {
MetadataGenerator metadataGenerator = new MetadataGenerator();
metadataGenerator.setEntityId("ABC-" + DEPLOYMENT_ENV);
metadataGenerator.setExtendedMetadata(extendedMetadata());
metadataGenerator.setIncludeDiscoveryExtension(false);
metadataGenerator.setKeyManager(keyManager());
return metadataGenerator;
}
@bean
public MetadataGenerator xyzMetadataGenerator() {
MetadataGenerator metadataGenerator = new MetadataGenerator();
metadataGenerator.setEntityId("XYZ-" + DEPLOYMENT_ENV);
metadataGenerator.setExtendedMetadata(extendedMetadata());
metadataGenerator.setIncludeDiscoveryExtension(false);
metadataGenerator.setKeyManager(keyManager());
return metadataGenerator;
}
`
from spring-boot-security-saml-sample.
Related Issues (20)
- CurrentUserHandlerMethodArgumentResolverTest is failing HOT 1
- Docker: javax.net.ssl.SSLPeerUnverifiedException: SSL peer failed hostname validation for name: null HOT 1
- Deserialization of Untrusted Data (CVE-2019-16335) HOT 1
- Deserialization of Untrusted Data (CVE-2019-14540) HOT 1
- Deserialization of Untrusted Data (CWE-502) HOT 1
- Deserialization of Untrusted Data (CVE-2015-4852, CVE-2015-7501) HOT 1
- Improper Certificate Validation (CVE-2012-5783)
- Man-in-the-Middle (CVE-2012-6153)
- Purpose of apollo key in the JKSKeyManager HOT 1
- Localhost redirect on first click regardless user's context HOT 1
- Behind reverse proxy advertises localhost and internal port HOT 1
- How to add "NameQualifier" and "Format" attributes to LogoutRequest/Issuer HOT 1
- Authentication statement is too old to be used with value 2020-08-31T09:32:00.759Z HOT 1
- With global logout from Identity provider side local session and authentication remain active and valid
- Need help to find the entity if
- Browser back redirects to "/saml/SSO" page. HOT 1
- Handle URL encoding in SAML response HOT 1
- Use Spring Boot 2.7 and Spring Security without WebSecurityConfigurerAdapter
- Metadata refreshing has failed
- Error retrieving metadata
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from spring-boot-security-saml-sample.