如何从spring security saml成功登录后获取SAML响应字符串 [英] How to get SAML response string after successful login from spring security saml

问题描述

我在我的应用程序中为 sso 使用 spring security saml 扩展.我能够成功地与 adfs 集成.现在我需要将从 adfs 获得的精确编码的 SAML 响应传递给下游的 web 服务.如何获取 SAML 响应字符串?

I am using spring security saml extension for sso in my application. I am able to successfully integrate with adfs. Now I need the exact encoded SAML response we get from adfs to be passed to webservices downstream. How to get that SAML response string?

推荐答案

如果您的 SAML 令牌已加密:

您可以扩展默认的 SAMLAuthenticationProvider 并覆盖身份验证方法.在此方法中，您可以获得完整的 SAML 响应，如下所示:

You can extend default SAMLAuthenticationProvider and override authenticate method. Inside this method you can get the complete SAML Response as follows:

SAMLAuthenticationToken token = (SAMLAuthenticationToken) authentication;
SAMLMessageContext context = token.getCredentials();
 try {

            String assertion = XMLHelper.nodeToString(SAMLUtil.marshallMessage(context.getInboundMessage()));
            System.out.println(assertion);
        } catch (MessageEncodingException e1) {
            // TODO Auto-generated catch block
            e1.printStackTrace();
        }

如果您的 SAML 令牌未加密，您可以使用:

Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
SAMLCredential credential = (SAMLCredential) authentication.getCredentials();
Assertion assertion = credential.getAuthenticationAssertion().getParent();

这篇关于如何从spring security saml成功登录后获取SAML响应字符串的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！