Reputation: 75
I wanted to implement a Spring Boot SAML2.0 service provider. This service provider doesn't need to communicate to IDP as it will only receive an assertion object. My questions are:
Thank you in advance.
Upvotes: 1
Views: 2366
Reputation: 75
So, I solved my problem by creating a full SAML service provider using spring SAML extension. I was not knowledgeable with SAML service provider so I thought I could just create a code that would expose ACS URL and that's it. I configured the ACS url by setting up the SP base entity url and configured SAML Web SSO Processing filter.
Upvotes: 2
Reputation: 2744
If you only process a SAML Assertion, then you are not really implementing a SAMLv2 compliant Service Provider. A Service Provider does far more. Spring Security SAML extension is a Service Provider which could be used for your use case. The Assertion Consumer URL is configurable in Spring Boot configuration.
Upvotes: 1