根据官方示例(Secure Web Content),我必须使用表单和按钮,目的是使用Spring Security执行注销.有没有办法使用Thymeleaf链接而不是按钮?
有没有办法在基于Spring Boot的应用程序中集成SAML 2.0?我想实现自己的SP并与远程IdP通信.
为了从远程源获取元数据,我ExtendedMetadataDelegate按如下方式定义了一个bean:
@Bean
@Qualifier("replyMeta")
public ExtendedMetadataDelegate replyMetadataProvider() throws MetadataProviderException {
String metadataURL = "https://ststest.mydomain.it/FederationMetadata/2007-06/FederationMetadata.xml";
final Timer backgroundTaskTimer = new Timer(true);
HTTPMetadataProvider provider = new HTTPMetadataProvider(
backgroundTaskTimer, httpClient(), metadataURL);
provider.setParserPool(parserPool());
ExtendedMetadataDelegate emd = new ExtendedMetadataDelegate(
provider, new ExtendedMetadata());
return emd;
}
为了确保签名信任的建立,我在JDK密钥库和应用程序密钥库中都添加了相关密钥(第二步可能还不够); 尽管如此,运行webapp会出错.
[2014-08-18 14:36:47.200] boot - 6000 DEBUG [localhost-startStop-1] --- SignatureValidator: Attempting to validate signature using key from supplied credential
[2014-08-18 14:36:47.200] boot - 6000 DEBUG [localhost-startStop-1] --- SignatureValidator: Creating XMLSignature object
[2014-08-18 14:36:47.206] boot - 6000 DEBUG [localhost-startStop-1] …我正在使用Xcode作为IDE 开发一个C++项目.现在,我想添加一个静态库和相关的标题. 4.6.1mylib.amylib.h
我读到了这个解决方案,但它不起作用(点击Target Dependencies时,该框仍然是空的).
有没有办法实现这个任务?
我创建了一个组,然后我mylib.a在其上添加了文件.它似乎工作正常,但在编译时会出现如下警告:
ld: warning: ignoring file /Users/vdenotaris/Desktop/Code/MyStaticLib/mylib.a, file was built for archive which is not the architecture being linked
(i386):/Users/vdenotaris/Desktop/Code/MyStaticLib/mylib.a
我想在我的网页中添加错误标记.如何使用Thymeleaf检查Spring Model属性是真还是假?
通常我的基于Spring SAML的服务提供程序(SP)实现工作正常,但有时它会返回此错误:
[2014-07-17 16:00:58.767] boot - 1078 DEBUG [http-bio-80-exec-1] --- BaseMessageDecoder: Successfully decoded message.
[2014-07-17 16:00:58.767] boot - 1078 DEBUG [http-bio-80-exec-1] --- BaseSAMLMessageDecoder: Checking SAML message intended destination endpoint against receiver endpoint
[2014-07-17 16:00:58.768] boot - 1078 DEBUG [http-bio-80-exec-1] --- BaseSAMLMessageDecoder: Intended message destination endpoint: https://prismasp.cloud.reply.eu:443/MIUR_PRISMA-2.1-WEBUI/saml/SSO/alias/defaultAlias
[2014-07-17 16:00:58.768] boot - 1078 DEBUG [http-bio-80-exec-1] --- BaseSAMLMessageDecoder: Actual message receiver endpoint: http://prismasp.cloud.reply.eu:443/MIUR_PRISMA-2.1-WEBUI/saml/SSO/alias/defaultAlias
[2014-07-17 16:00:58.768] boot - 1078 ERROR [http-bio-80-exec-1] --- BaseSAMLMessageDecoder: SAML message intended destination endpoint 'https://prismasp.cloud.reply.eu:443/MIUR_PRISMA-2.1-WEBUI/saml/SSO/alias/defaultAlias' did …使用@ModelAttribute和有@Valid什么好处?
哪些是差异?
可以一起使用它们吗?
我正在开发一个实时通知系统弹簧4使用内置的Message Broker中,和蹬过的WebSocket.
我希望能够根据用户名向特定用户发送消息.为了实现这个目标,我正在使用类的convertAndSendToUser方法org.springframework.messaging.simp.SimpMessagingTemplate,如下所示:
private final MessagingTemplate messagingTemplate;
@Autowired
public LRTStatusListener(SimpMessagingTemplate messagingTemplate) {
this.messagingTemplate = messagingTemplate;
}
@Scheduled(fixedDelay=5000)
public void sendMessages(Principal principal)
messagingTemplate
.convertAndSendToUser(principal.getName(), "/horray", "Horray, " + principal.getName() + "!");
}
作为配置:
@Configuration
@EnableScheduling
@EnableWebSocketMessageBroker
public class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
registry.addEndpoint("/notifications").withSockJS();
}
@Override
public void configureMessageBroker(MessageBrokerRegistry registry) {
registry.enableSimpleBroker("/topic", "/queue", "/user");
}
}
客户端(通过JavaScript),我应该通过指定用户名来订阅一个频道(根据另一个非常类似的问题:在Spring Websocket上向特定用户发送消息).
stompClient.subscribe('/user/' + …我正在努力将Spring SAML Extension集成到我们的应用程序中,并将SSO与我们客户的ADFS2.0之一作为IDP,我们从我们的应用程序生成服务提供程序元数据并将ADFS元数据导入我们的appliaction.When我选择客户端idp然后单击开始单一符号并提供正确的客户端凭据,我们将看到SAML响应,如下所示:
Saml回应.
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified"
Destination="https://sso.spire2grow.com:8443/<our application>/saml/SSO" ID="_d7fa7cb7-a858-4d4e-aa4c-bf7a5d11e485"
InResponseTo="a2icei36d347di68gi33534cc13fd1" IssueInstant="2014-09-30T14:17:21.819Z" Version="2.0"><Issuer
xmlns="urn:oasis:names:tc:SAML:2.0:assertion"><Clients ADFS trust services URL></Issuer><samlp:Status><samlp:StatusCode
Value="urn:oasis:names:tc:SAML:2.0:status:Responder"></samlp:StatusCode></samlp:Status></samlp:Response>
但我也看到以下异常被抛出,因为服务提供商无法验证消息.
异常消息:
[351545]2014-09-30 19:47:21,714 DEBUG - SAML message intended destination endpoint matched recipient endpoint
[351545]2014-09-30 19:47:21,714 DEBUG - Authentication attempt using org.springframework.security.saml.SAMLAuthenticationProvider
[351545]2014-09-30 19:47:21,715 DEBUG - Error validating SAML message
org.opensaml.common.SAMLException: Response has invalid status code urn:oasis:names:tc:SAML:2.0:status:Responder, status message is null
at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.processAuthenticationResponse(WebSSOProfileConsumerImpl.java:113)
at org.springframework.security.saml.SAMLAuthenticationProvider.authenticate(SAMLAuthenticationProvider.java:82)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)
at org.springframework.security.saml.SAMLProcessingFilter.attemptAuthentication(SAMLProcessingFilter.java:84)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:195)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
如果我在这里做任何事情,请指出任何人.
更新:
看到为这个问题提供的答案后,我看到了ADFS的以下错误.
Microsoft.IdentityServer.Protocols.Saml.SamlProtocolSignatureAlgorithmMismatchException: MSIS7093: The message is …有没有办法复制整个项目?该项目包含: 2x Cloud SQL:主 + 备份 1x Cloud Storage 4x Google Compute Engine
我们已经建立和配置了一个完全相同的项目,因此如果我们可以复制这些项目,对我们来说会容易得多。
项目不在同一个账户下。
spring ×7
saml-2.0 ×3
spring-saml ×3
spring-mvc ×2
thymeleaf ×2
adfs2.0 ×1
c++ ×1
java ×1
saml ×1
spring-boot ×1
spring-data ×1
stomp ×1
websocket ×1
xcode ×1