如何在Spring Security SAML示例中配置IDP元数据和SP元数据? [英] How to configuration of IDP metadata and SP metadata in Spring Security SAML sample?

查看:2522
本文介绍了如何在Spring Security SAML示例中配置IDP元数据和SP元数据?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我想处理Spring Security SAML。为此,我开始探索 Spring Security SAML 。首先,我在 SSOCircle 创建了一个帐户。比我配置IDP元数据和生成SP元数据(4.2.2和4.2.3)。在 entityId 我设置:

I want to deal with Spring Security SAML. For this, I start to explore Spring Security SAML. At the beginning, I create an account at SSOCircle. Than I configurated of IDP metadata and generation of SP metadata (4.2.2 and 4.2.3). At entityId I set:

 <bean id="metadataGeneratorFilter" class="org.springframework.security.saml.metadata.MetadataGeneratorFilter">
    <constructor-arg>
        <bean class="org.springframework.security.saml.metadata.MetadataGenerator">
            <property name="entityId" value="http://idp.ssocircle.com"/>
        </bean>
    </constructor-arg>
 </bean>

当我开始申请时,我有:

When I start application, I have:

Error occurred:
Reason: Unable to do Single Sign On or Federation.


Error occurred:
Reason: Unable to get AuthnRequest.

如何配置Spring Security SAML?

How to configure Spring Security SAML?

推荐答案

按照快速入门章节。需要注意的一些差异:

Follow the steps in the QuickStart chapter. Some differences to note:


  1. http:/注册/www.ssocircle.com/ 。您需要验证您的电子邮件地址。

  2. sample / src / main / webapp / WEB-INF / securityContext.xml的metadataGeneratorFilter部分应该如下所示(注意: signMetadata属性已注释掉):

  1. Sign up at http://www.ssocircle.com/. You need to verify your email address.

  2. The metadataGeneratorFilter section of sample/src/main/webapp/WEB-INF/securityContext.xml should look like this (Note: signMetadata property is commented out):

<bean id="metadataGeneratorFilter" class="org.springframework.security.saml.metadata.MetadataGeneratorFilter">
<constructor-arg>
    <bean class="org.springframework.security.saml.metadata.MetadataGenerator">
      <property name="entityId" value="urn:test:YourName:YourCity"/>
  <!--<property name="signMetadata" value="false"/>-->
    </bean>
</constructor-arg>


  1. 退出SSO Circle服务。

  2. 转到 http:// localhost:8080 / spring-security-saml2-sample

  3. 您应该被重定向到SSO Circle登录。

  4. 使用您的SSO Circle凭据登录。

  5. 您应该被重定向到本地服务提供商页面并进行身份验证。

  1. Logout of SSO Circle Service.
  2. Go to http://localhost:8080/spring-security-saml2-sample
  3. You should be redirected to the SSO Circle login.
  4. Login with your SSO Circle credentials.
  5. You should be redirected to your local service provider page and authenticated.


这篇关于如何在Spring Security SAML示例中配置IDP元数据和SP元数据?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
Java开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆