Reputation: 11655
I am using the following Spring Security SAML repo from GitHub: https://github.com/spring-projects/spring-security-saml/tree/master/sample
Whenever I try to update the SSO URL, e.g. to localhost:8100/saml/ddo instead of /saml/sso, the browser gets stuck in an infinite loop. (I have followed the steps mentioned in the readme and updated the URL on Okta as well in the application to test.)
Sample code and config enclosed in: Spring security saml issue
EDIT:
I did what the answer below suggested, but I am getting: Incoming SAML message is invalid.
On debugging, I found that in attemptAuthentication in SAMLProcessingFilter, the locations in the endpoints that are added still contain /api/saml/SSO instead of /api/saml/ddo, and that's why the getEndpoint method in SamlUtil throws an exception with the following line:
throw new SAMLException("Endpoint with message binding " + messageBinding + " and URL " + requestURL + " wasn't found in local metadata");
because the requestUrl and endpoint location do not match.
I also checked my metadata.xml, but it does not contain any info related to these URLs.
In the MetaDataGenerator class method getSAMLWebSSOProcessingFilterPath, the samlWebSSOFilter is null, and that's why the default filter URL, /saml/SSO, is returned. I am trying to figure out how to set this value at runtime.
I understand that there is a method named setSamlWebSSOFilter, and everything works correctly if I provide the URL /saml/ddo at startup. But I am not able to make this work if the config is changed at runtime.
Any idea how I can move forward?
Upvotes: 0
Views: 343
Reputation: 15533
Setting field filterProcessesUrl on bean samlWebSSOProcessingFilter to value /saml/ddo should solve the problem.
Upvotes: 1
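The startup-time configuration the answer describes, as an added example that is not part of the original posts or the project's own code. The bean ids, handler references and filter-chain layout are assumed to follow the sample's securityContext.xml; the referenced beans are assumed to be defined elsewhere in that file.

```xml
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:security="http://www.springframework.org/schema/security"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans.xsd
                           http://www.springframework.org/schema/security
                           http://www.springframework.org/schema/security/spring-security.xsd">

    <!-- Filter that consumes the IdP's SAML response (assertion consumer endpoint). -->
    <bean id="samlWebSSOProcessingFilter"
          class="org.springframework.security.saml.SAMLProcessingFilter">
        <!-- Assumed refs: beans with these ids exist elsewhere in the context. -->
        <property name="authenticationManager" ref="authenticationManager"/>
        <property name="authenticationSuccessHandler" ref="successRedirectHandler"/>
        <property name="authenticationFailureHandler" ref="failureRedirectHandler"/>
        <!-- Property inherited from AbstractAuthenticationProcessingFilter;
             replaces the default /saml/SSO. -->
        <property name="filterProcessesUrl" value="/saml/ddo"/>
    </bean>

    <!-- The chain that dispatches to the filter has to match the same path,
         otherwise the response never reaches the processing filter. -->
    <bean id="samlFilter" class="org.springframework.security.web.FilterChainProxy">
        <security:filter-chain-map request-matcher="ant">
            <security:filter-chain pattern="/saml/ddo/**"
                                   filters="samlWebSSOProcessingFilter"/>
            <!-- Remaining /saml/* chains from the sample stay unchanged. -->
        </security:filter-chain-map>
    </bean>

</beans>
```

The endpoint location in the generated SP metadata comes from this filter's URL, so the single sign-on URL registered at the IdP (Okta in the question) has to be the same /saml/ddo address; a mismatch produces the "wasn't found in local metadata" exception quoted in the question.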