BAEL-4628 - Spring Security SAMl with Okta
This commit is contained in:
-6
@@ -129,12 +129,6 @@ public class SamlSecurityConfig {
|
||||
samlEntryPoint.setDefaultProfileOptions(defaultWebSSOProfileOptions());
|
||||
return samlEntryPoint;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public SAMLDiscovery samlIDPDiscovery() {
|
||||
SAMLDiscovery idpDiscovery = new SAMLDiscovery();
|
||||
return idpDiscovery;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public ExtendedMetadata extendedMetadata() {
|
||||
|
||||
+10
-7
@@ -53,8 +53,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
@Autowired
|
||||
private SAMLLogoutProcessingFilter samlLogoutProcessingFilter;
|
||||
|
||||
@Autowired
|
||||
private SAMLDiscovery samlDiscovery;
|
||||
@Bean
|
||||
public SAMLDiscovery samlDiscovery() {
|
||||
SAMLDiscovery idpDiscovery = new SAMLDiscovery();
|
||||
return idpDiscovery;
|
||||
}
|
||||
|
||||
@Autowired
|
||||
private SAMLAuthenticationProvider samlAuthenticationProvider;
|
||||
@@ -89,7 +92,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/SSO/**"),
|
||||
samlWebSSOProcessingFilter()));
|
||||
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/discovery/**"),
|
||||
samlDiscovery));
|
||||
samlDiscovery()));
|
||||
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/login/**"),
|
||||
samlEntryPoint));
|
||||
chains.add(new DefaultSecurityFilterChain(new AntPathRequestMatcher("/saml/logout/**"),
|
||||
@@ -115,21 +118,21 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
http
|
||||
.csrf()
|
||||
.disable();
|
||||
|
||||
|
||||
http
|
||||
.httpBasic()
|
||||
.authenticationEntryPoint(samlEntryPoint);
|
||||
|
||||
|
||||
http
|
||||
.addFilterBefore(metadataGeneratorFilter(), ChannelProcessingFilter.class)
|
||||
.addFilterAfter(samlFilter(), BasicAuthenticationFilter.class)
|
||||
.addFilterBefore(samlFilter(), CsrfFilter.class);
|
||||
|
||||
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/").permitAll()
|
||||
.anyRequest().authenticated();
|
||||
|
||||
|
||||
http
|
||||
.logout()
|
||||
.addLogoutHandler((request, response, authentication) -> {
|
||||
|
||||
+3
-3
@@ -1,6 +1,6 @@
|
||||
saml.keystore.location=classpath:/saml/samlKeystore.jks
|
||||
saml.keystore.password=oktaiscool
|
||||
saml.keystore.alias=oktasaml
|
||||
saml.keystore.password=<key_pass>
|
||||
saml.keystore.alias=<key_alias>
|
||||
|
||||
saml.idp=http://www.okta.com/exk26fxqrz8LLk9dV4x7
|
||||
saml.idp=<idp_issuer_url>
|
||||
saml.sp=http://localhost:8080/saml/metadata
|
||||
@@ -6,10 +6,8 @@
|
||||
<body>
|
||||
<h3><Strong>Welcome!</strong><br/>You are successfully logged in!</h3>
|
||||
<p>You are logged as <span class="badge badge-dark" th:text="${username}">null</span>.</p>
|
||||
<small class="d-block text-right mt-3" id="sso-btn">
|
||||
<a th:href="@{/logout}" class="btn btn-spring btn-sm">
|
||||
<i class="far fa-user-circle"></i> Logout
|
||||
</a>
|
||||
<small>
|
||||
<a th:href="@{/logout}">Logout</a>
|
||||
</small>
|
||||
</body>
|
||||
</html>
|
||||
+1
-3
@@ -5,8 +5,6 @@
|
||||
</head>
|
||||
<body>
|
||||
<h3><Strong>Welcome to Baeldung Spring Security SAML</strong></h3>
|
||||
<a th:href="@{/auth}" class="btn btn-spring btn-sm">
|
||||
<i class="far fa-user-circle"></i> Login
|
||||
</a>
|
||||
<a th:href="@{/auth}">Login</a>
|
||||
</body>
|
||||
</html>
|
||||
Reference in New Issue
Block a user