SM KUMAR

Reputation: 485

How to configure both Spring Security basic authentication and SAML authentication using the spring-sample example within the same application

I have an application that uses Spring Security basic authentication, which validates user details against the database. There is a specific set of users who are validated against the SSO database. Using SAML, I was able to validate against the SSO database.

But the problem is how to integrate both basic authentication and SAML authentication in a single application and direct the user to a specific authentication. Another reason is that both use different authentication providers as well.

I have used the spring-saml example to configure SAML.

Another problem is with the intercept-url patterns. In the configuration below, both the security configurations are not mapped with the PATTERN attribute, because of which there is an exception when the server is started, as there are two configurations which are mapped to /** (any request). How do I resolve this exception?

For example:

<security:http access-denied-page="/saml/web/metadata/login">
    <security:form-login login-processing-url="/saml/web/login" login-page="/saml/web/metadata/login" default-target-url="/saml/web/metadata"/>
    <security:intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <security:intercept-url pattern="/logout" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <security:intercept-url pattern="/home" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <security:custom-filter before="FIRST" ref="metadataGeneratorFilter"/>
</security:http>

<security:http pattern="/saml/mysignin" entry-point-ref="samlEntryPoint">
    <security:intercept-url pattern="/saml/mysignin" access="IS_AUTHENTICATED_FULLY"/>
    <security:custom-filter before="FIRST" ref="metadataGeneratorFilter"/>
    <security:custom-filter after="BASIC_AUTH_FILTER" ref="samlFilter"/>
</security:http>

<bean id="samlFilter" class="org.springframework.security.web.FilterChainProxy">
    <security:filter-chain-map request-matcher="ant">
        <security:filter-chain pattern="/saml/login/**" filters="samlEntryPoint"/>
        <security:filter-chain pattern="/saml/logout/**" filters="samlLogoutFilter"/>
        <security:filter-chain pattern="/saml/metadata/**" filters="metadataDisplayFilter"/>
        <security:filter-chain pattern="/saml/SSO/**" filters="samlWebSSOProcessingFilter"/>
        <security:filter-chain pattern="/saml/SSOHoK/**" filters="samlWebSSOHoKProcessingFilter"/>
        <security:filter-chain pattern="/saml/SingleLogout/**" filters="samlLogoutProcessingFilter"/>
        <security:filter-chain pattern="/saml/discovery/**" filters="samlIDPDiscovery"/>
    </security:filter-chain-map>
</bean>

Upvotes: 5

Views: 3846

Answers (1)

The sample application in Spring SAML 1.0.0 contains both basic authentication with username and password and SAML-based authentication. Use it as an example.

Upvotes: 3
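
One way to lay out the two chains from the question, as an added example that is not part of the original posts or of the Spring SAML sample itself. A `<security:http>` element without a `pattern` attribute matches /**, so it has to be declared last, and each chain names its own authentication manager. Assumptions: the ids `samlAuthManager`, `basicAuthManager` and `dataSource`, the choice of /saml/** as the SAML area, and `<security:http-basic/>` standing in for the question's form login.

```xml
<!-- Added example. Assumed ids: samlAuthManager, basicAuthManager, dataSource. -->

<!-- Chain 1: SAML. Declared first because its pattern is the narrower one.
     /saml/** also covers the endpoints served by samlFilter
     (/saml/login, /saml/SSO, /saml/metadata, ...). -->
<security:http pattern="/saml/**" use-expressions="false"
               entry-point-ref="samlEntryPoint"
               authentication-manager-ref="samlAuthManager">
    <security:intercept-url pattern="/saml/mysignin" access="IS_AUTHENTICATED_FULLY"/>
    <security:custom-filter before="FIRST" ref="metadataGeneratorFilter"/>
    <security:custom-filter after="BASIC_AUTH_FILTER" ref="samlFilter"/>
</security:http>

<!-- Chain 2: every other URL, HTTP Basic checked against the application
     database. No pattern attribute means /**, so this element must be the
     last <security:http> in the file. -->
<security:http use-expressions="false"
               authentication-manager-ref="basicAuthManager">
    <security:intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <security:intercept-url pattern="/logout" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <security:intercept-url pattern="/home" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
    <security:intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY"/>
    <security:http-basic/>
</security:http>

<!-- One authentication manager per chain, so SAML assertions and database
     passwords are never offered to the wrong provider. The Spring SAML
     processing filters (samlWebSSOProcessingFilter, ...) must reference
     samlAuthManager in their authenticationManager property. -->
<security:authentication-manager id="samlAuthManager">
    <security:authentication-provider ref="samlAuthenticationProvider"/>
</security:authentication-manager>

<security:authentication-manager id="basicAuthManager">
    <security:authentication-provider>
        <security:jdbc-user-service data-source-ref="dataSource"/>
    </security:authentication-provider>
</security:authentication-manager>
```

Both chains keep the security context in the same HTTP session by default, so `IS_AUTHENTICATED_FULLY` on the SAML chain is also satisfied by a user who logged in through the Basic chain. If /saml/mysignin must be reachable only after SSO, require an authority that only the SAML provider grants.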
