那些遇到过的问题

相关疑难解决方法(0)

SAML服务提供商的弹簧安全性

在使用预配置的服务提供程序元数据时,在spring安全性中,是否应该有2个bean定义用于扩展元数据委托?一个用于IDP元数据,一个用于SP元数据?

<bean class="org.springframework.security.saml.metadata.ExtendedMetadataDelegate">
    <constructor-arg>
        <bean class="org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider">
            <constructor-arg>
                <value type="java.io.File">classpath:security/localhost_sp.xml</value>
            </constructor-arg>
            <property name="parserPool" ref="parserPool"/>
        </bean>
    </constructor-arg>
    <constructor-arg>
        <bean class="org.springframework.security.saml.metadata.ExtendedMetadata">
           <property name="local" value="true"/>
           <property name="alias" value="default"/>
           <property name="securityProfile" value="metaiop"/>
           <property name="sslSecurityProfile" value="pkix"/>
           <property name="signingKey" value="apollo"/>
           <property name="encryptionKey" value="apollo"/>
           <property name="requireArtifactResolveSigned" value="false"/>
           <property name="requireLogoutRequestSigned" value="false"/>
           <property name="requireLogoutResponseSigned" value="false"/>
           <property name="idpDiscoveryEnabled" value="true"/>
           <property name="idpDiscoveryURL"
              value="https://www.server.com:8080/context/saml/discovery/alias/default"/>
           <property name="idpDiscoveryResponseURL"
              value="https://www.server.com:8080/context/saml/login/alias/default?disco=true"/>
        </bean>
    </constructor-arg>
</bean>




<bean class="org.springframework.security.saml.metadata.ExtendedMetadataDelegate">
    <constructor-arg>
        <bean class="org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider">
            <constructor-arg>
                <value type="java.io.File">classpath:security/idp.xml</value>
            </constructor-arg>
            <property name="parserPool" ref="parserPool"/>
        </bean>
    </constructor-arg>
    <constructor-arg>
        <bean class="org.springframework.security.saml.metadata.ExtendedMetadata"/>
    </constructor-arg>
</bean>
Run Code Online (Sandbox Code Playgroud)

java spring-security spring-saml

use*_*968
2014 07-23
5
推荐指数
1
解决办法
5336
查看次数

如何在Spring Security SAML示例中配置IDP元数据和SP元数据?

我想处理Spring Security SAML.为此,我开始探索Spring Security SAML.一开始,我在SSOCircle创建了一个帐户.比我配置IDP元数据和生成SP元数据(4.2.2和4.2.3).在entityId我设定:

 <bean id="metadataGeneratorFilter" class="org.springframework.security.saml.metadata.MetadataGeneratorFilter">
    <constructor-arg>
        <bean class="org.springframework.security.saml.metadata.MetadataGenerator">
            <property name="entityId" value="http://idp.ssocircle.com"/>
        </bean>
    </constructor-arg>
 </bean>
Run Code Online (Sandbox Code Playgroud)

当我开始申请时,我有:

Error occurred:
Reason: Unable to do Single Sign On or Federation.
Run Code Online (Sandbox Code Playgroud)

要么 

Error occurred:
Reason: Unable to get AuthnRequest.
Run Code Online (Sandbox Code Playgroud)

如何配置Spring Security SAML?

java spring spring-security opensaml spring-saml

som*_*ody
lucky-day
4
推荐指数
1
解决办法
1万
查看次数

标签 统计

java ×2

spring-saml ×2

spring-security ×2

opensaml ×1

spring ×1