Reputation: 7733
Which key is used by spring security saml?
I am using spring security's open saml library for authentication.
My Service Provider is my spring web application configured with spring saml. My IDP is OpenSSO.
In the spring-security-saml2-core library, the JKSKeyManager is never called, but the KeyManager gets called.
So is the library using the .jks keystore file as its keys or the 'apollo/nalle123' as its keys? what's their difference?
Upvotes: 2
Views: 5782
Answers (1)
Reputation: 15533
The org.springframework.security.saml.key.KeyManager is an interface, org.springframework.security.saml.key.JKSKeyManager is its implementation. So if you see calls to KeyManager, in default configuration it means they're hitting the JKSKeyManager.
The apollo/nalle123 key is stored inside the .jks file (samlKeystore.jks in the sample application), configured to be used by the KeyManager. Apollo is alias of the key in the .jks file, nalle123 is its password.
Spring SAML combines usage of keys provided in the KeyManager and keys supplied in SAML metadata.
Upvotes: 7
Related Questions
- Spring Security 5.2+ Saml Metadata
- SAML Configuration
- Spring saml SSO
- Spring SAML wso2
- How to configure wso2 metadata in Spring Security Sample
- What is the purpose of signingKey and encryptionKey settings
- Where is the saml authentication request is getting generated in Spring Security Saml Sample
- How the certificate use from SP keystore spring saml
- Spring Security using SAML 1.1
- Spring SAML 2.0