Reputation: 11
SAML 2.0 Support for Java Jersey Web/REST application
We have a existing java web based application built on Jersey framework and looking to provide SSO support using Okta or any other IDP. I have seen many example applications for saml support for spring based applications. Is there any framework which can provide saml support for Jersey based applications? Or Spring SAML extensions can be tweaked to provide support for non-spring baed applications?
Please provide any links or pointers.
Thanks in advance!
Upvotes: 1
Views: 939
Answers (1)
Reputation: 1612
It's possible to apply the Spring Security SAML extension on a non-Spring application. We are using Spring SAML with a Wicket web application.
I built a prototype with ADFS as an IdP to check feasibility, before we implemented this approach on the project. You can find the prototype in my Bitbucket repository: blog-spring-security.
Basically, you can use AbstractSecurityWebApplicationInitializer which should transparently enable Spring Security in your application.
public class WebAppInitializer extends AbstractSecurityWebApplicationInitializer {
public WebAppInitializer() {
super(SecurityConfiguration.class);
}
}
Spring configuration for SAML is quite extensive (couple of pages of source code), so I won't paste it here, but if you are going to use Java configuration you can utilize my SecurityConfiguration.java.
In case of XML configuration, I would recommend to follow either Reference Documentation, or sample project securityContext.xml.
Upvotes: 2
Related Questions
- Spring boot and Okta SAML2
- Okta SAML 2.0 implementation in Spring MVC (Not Spring boot)
- Implementing a SAML 2.0 Service Provider using Spring Boot
- Spring Boot SAML 2.0 support
- SAML For Java Application Running on Tomcat
- JAVA - SAML 2.0 implementation
- Saml with spring 2.5.6
- Spring Security SAML with existing J2EE Application (Not-Spring based)
- Integrating Java Web App with SAML SSO
- How do I configure Spring Security SAML to work with Okta?