Nick101

Reputation: 159

SPRING SAML Authentication not working

I'm trying to implement the Spring SAML sample application and I'm having issues with authentication. I followed the exact steps outlined in the quick start guide, namely: downloading the sample app and configuring IDP and SP metadata.

I was able to generate the SP metadata and successfully uploaded it to SSOCircle IDP.

When I enter my SSOCircle login details, it fails to redirect back to my local application and log me in.

Here are the config changes I made:

IDP config:

<bean id="metadata" class="org.springframework.security.saml.metadata.CachingMetadataManager">
    <constructor-arg>
        <list>
            <bean class="org.opensaml.saml2.metadata.provider.HTTPMetadataProvider">
                <constructor-arg>
                    <value type="java.lang.String">http://idp.ssocircle.com/idp-meta.xml</value>
                </constructor-arg>
                <constructor-arg>
                    <value type="int">5000</value>
                </constructor-arg>
                <property name="parserPool" ref="parserPool"/>
            </bean>
        </list>
    </constructor-arg>
</bean>

SP config:

<bean id="metadataGeneratorFilter" class="org.springframework.security.saml.metadata.MetadataGeneratorFilter">
    <constructor-arg>
        <bean class="org.springframework.security.saml.metadata.MetadataGenerator">
            <property name="entityId" value="http://localhost:8081/spring-security-saml2-sample"/>
            <property name="signMetadata" value="false"/>
            <property name="extendedMetadata">
                <bean class="org.springframework.security.saml.metadata.ExtendedMetadata">
                    <property name="idpDiscoveryEnabled" value="false"/>
                </bean>
            </property>
        </bean>
    </constructor-arg>
</bean>

Can someone please throw some light here? Thank you in advance.

Upvotes: 1

Views: 1452

Answers (1)

Nick101

Reputation: 159

OK, I was able to get through this; explicitly changing the "bindingsSSO" property in the MetadataGenerator bean to "POST" solved my problem.

<property name="bindingsSSO">
    <list>
        <value>POST</value>
    </list>
</property>

It looks like the code is setting the default binding to "SSO_ARTIFACT".

Upvotes: 1
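
An added example, not part of the original post or of Spring SAML itself: since the bindingsSSO list controls which AssertionConsumerService bindings the generated SP metadata advertises, this Python check reads SP metadata and reports which ACS binding an IdP will treat as the default. The metadata is constructed inline; the /saml/SSO location and all function names are assumptions.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
PREFIX = "urn:oasis:names:tc:SAML:2.0:bindings:"
# Entity ID from the question; the /saml/SSO path is an assumed, constructed value.
BASE = "http://localhost:8081/spring-security-saml2-sample"

def sample_metadata(bindings):
    """Constructed SP metadata: one ACS endpoint per binding, first marked default."""
    acs = "".join(
        '<md:AssertionConsumerService index="%d" isDefault="%s" '
        'Binding="%s%s" Location="%s/saml/SSO"/>'
        % (i, "true" if i == 0 else "false", PREFIX, b, BASE)
        for i, b in enumerate(bindings))
    return ('<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" '
            'entityID="%s"><md:SPSSODescriptor protocolSupportEnumeration='
            '"urn:oasis:names:tc:SAML:2.0:protocol">%s</md:SPSSODescriptor>'
            '</md:EntityDescriptor>' % (BASE, acs))

def acs_endpoints(metadata_xml):
    """Return (index, short binding name, isDefault attribute) per ACS, in document order."""
    if "<!DOCTYPE" in metadata_xml:
        raise ValueError("SAML metadata must not carry a DTD")
    found = []
    for acs in ET.fromstring(metadata_xml).iter(MD + "AssertionConsumerService"):
        binding = acs.get("Binding", "")
        if binding.startswith(PREFIX):
            binding = binding[len(PREFIX):]
        found.append((int(acs.get("index", "0")), binding, acs.get("isDefault")))
    return found

def default_acs_binding(metadata_xml):
    """Apply the SAML metadata default rule for indexed endpoints:
    first isDefault=true, else first without isDefault, else the first endpoint."""
    endpoints = acs_endpoints(metadata_xml)
    for wanted in (("true", "1"), (None,)):
        for _, binding, is_default in endpoints:
            if is_default in wanted:
                return binding
    return endpoints[0][1] if endpoints else None

if __name__ == "__main__":
    for label, bindings in (("artifact first", ["HTTP-Artifact", "HTTP-POST"]),
                            ("POST only", ["HTTP-POST"])):
        xml_text = sample_metadata(bindings)
        print(label, acs_endpoints(xml_text), "default:", default_acs_binding(xml_text))
```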
