spring-security

Allow metadata download without Asserting Party details being known

Open 1livv opened this issue 2 years ago • 2 comments

Expected Behavior

Saml2MetadataFilter should be able to return metadata for a registration without Asserting Party details.

Context

The Asserting Party/IdP details might not be available during the metadata download step if the metadata exchange is done by first uploading the SP metadata to the IdP and afterwards uploading the IdP metadata to the SP.

The old library maintained SP/IdP registrations separately, and you can download SP metadata without having its corresponding IdP configured.

1livv, Feb 19 '23 16:02

+1 I have a similar requirement in which Asserting Party details are dynamically loaded from the database, but the service provider should be able to generate its metadata without Asserting Party details.

sumeetpri, Aug 14 '23 17:08

Hi,

A workaround for this is to use a separate implementation of RelyingPartyRegistrationRepository just for the download metadata workflow, one that fills the asserting party details with dummy values that are not used in the download metadata flow anyway.

1livv, Mar 01 '24 18:03
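A sketch of the workaround described in the last comment, added here as an illustration and not code from the commenter or from Spring Security itself. The class name, the `metadataFilter()` helper and the `.invalid` placeholder URLs are hypothetical, and it assumes a Spring Security version whose builder still exposes `assertingPartyDetails(...)` and accepts an asserting party with no verification credentials. The repository must be wired only into the metadata filter, never into the authentication flow, so that no assertion is ever validated against placeholder IdP values.

```java
import org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
import org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver;
import org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter;

/** Hypothetical repository used only to render SP metadata; keep it out of the login flow. */
public class MetadataOnlyRegistrationRepository implements RelyingPartyRegistrationRepository {

    // Constructed placeholder asserting-party values; the reserved .invalid TLD
    // guarantees they can never resolve to a real IdP.
    private static final String PLACEHOLDER_IDP_ENTITY_ID = "https://idp-not-configured.invalid/metadata";
    private static final String PLACEHOLDER_IDP_SSO_URL = "https://idp-not-configured.invalid/sso";

    @Override
    public RelyingPartyRegistration findByRegistrationId(String registrationId) {
        // Assumption: a real application would look up the SP-side settings for this id
        // (entity id, ACS location, signing credentials) and return null for unknown ids.
        return RelyingPartyRegistration.withRegistrationId(registrationId)
                .entityId("{baseUrl}/saml2/service-provider-metadata/{registrationId}")
                .assertionConsumerServiceLocation("{baseUrl}/login/saml2/sso/{registrationId}")
                // The SP metadata document does not include these values; they only
                // satisfy the builder's requirement that asserting party details exist.
                .assertingPartyDetails(party -> party
                        .entityId(PLACEHOLDER_IDP_ENTITY_ID)
                        .singleSignOnServiceLocation(PLACEHOLDER_IDP_SSO_URL))
                .build();
    }

    /** Builds a metadata filter backed by the placeholder repository. */
    public static Saml2MetadataFilter metadataFilter() {
        return new Saml2MetadataFilter(
                new DefaultRelyingPartyRegistrationResolver(new MetadataOnlyRegistrationRepository()),
                new OpenSamlMetadataResolver());
    }
}
```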