spring-security
Spring Security
To expose the SAML metadata endpoint we have to register a Filter:

```java
DefaultRelyingPartyRegistrationResolver relyingPartyRegistrationResolver =
        new DefaultRelyingPartyRegistrationResolver(this.relyingPartyRegistrationRepository);
Saml2MetadataFilter filter = new Saml2MetadataFilter(
        relyingPartyRegistrationResolver,
        new OpenSamlMetadataResolver());

http
    // ...
    .saml2Login(withDefaults())...
```
In order to publish the metadata endpoint, we should do:

```java
DefaultRelyingPartyRegistrationResolver relyingPartyRegistrationResolver =
        new DefaultRelyingPartyRegistrationResolver(this.relyingPartyRegistrationRepository);
Saml2MetadataFilter filter = new Saml2MetadataFilter(
        relyingPartyRegistrationResolver,
        new OpenSamlMetadataResolver());

http
    // ...
    .saml2Login(withDefaults())
    .addFilterBefore(filter, Saml2WebSsoAuthenticationFilter.class);...
```
**Expected Behavior** I would like an easy way to add custom parameters for authorization and token requests. **Current Behavior** Currently it is possible but very difficult and verbose. It is...
**Expected Behavior** Add implementation of Artifact Resolution Profile, as specified here: https://www.oasis-open.org/committees/download.php/35389/sstc-saml-profiles-errata-2.0-wd-06-diff.pdf#page=44 **Current Behavior** Only Web Browser SSO Profile is available, so it is not possible to use Spring Security...
**Expected Behavior** We currently are using Spring SAML Extension 1.0.10 in SP mode. We integrate with different IDPs like OAM, OKTA, ADFS etc and it works smoothly. Now, we need...
**Describe the bug** `ReactiveJwtDecoders.fromIssuerLocation("https://thomasmiller.eu.authz.cloudentity.io/thomasmiller/test")` does not return the correct algo, as RS256 comes back instead of EC256. However, the non-reactive version does work and comes back with EC256: `JwtDecoders.fromIssuerLocation("https://thomasmiller.eu.authz.cloudentity.io/thomasmiller/test")` Drilling...
Hi, diagram related to `SecurityContextHolderFilter` is referring to SecurityContext**Persistence**Filter instead of SecurityContext**Holder**Filter in documentation: https://docs.spring.io/spring-security/reference/5.7.0/servlet/authentication/persistence.html#securitycontextholderfilter which got me a little bit confused. This is present from 5.7.x onward.
[Rob Winch](https://jira.spring.io/secure/ViewProfile.jspa?name=rwinch) (Migrated from [SEC-2390](https://jira.spring.io/browse/SEC-2390?redirect=false)) said: Include support for HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238. https://fidoalliance.org/about...
**Describe the bug** Jackson serialization of `DefaultSaml2AuthenticatedPrincipal` doesn't work anymore since Spring Boot 2.7.3. An exception is thrown:

```
Caused by: com.fasterxml.jackson.databind.JsonMappingException: The class with org.springframework.util.LinkedMultiValueMap and name of org.springframework.util.LinkedMultiValueMap...
```
**Expected Behavior** I would like to be able to set a `logoutRequestRepository` for `Saml2RelyingPartyInitiatedLogoutSuccessHandler` in `LogoutFilter` via `Saml2LogoutConfigurer`. **Current Behavior** Currently, I can set only `logoutRequestRepository` for `Saml2LogoutResponseFilter` via `Saml2LogoutConfigurer`....