Reputation: 75
Implementing a SAML 2.0 Service Provider using Spring Boot
I wanted to implement a Spring Boot SAML2.0 service provider. This service provider doesn't need to communicate to IDP as it will only receive an assertion object. My questions are:
- How can I implement a spring boot SAML2.0 service provider that only accept assertion objects. Get the principal information and redirect to a web application url with the information in the body?
- What is Assertion Consumer Service URL? How can I provide it with the created SP?
Thank you in advance.
Upvotes: 1
Views: 2366
Answers (2)
Reputation: 75
So, I solved my problem by creating a full SAML service provider using spring SAML extension. I was not knowledgeable with SAML service provider so I thought I could just create a code that would expose ACS URL and that's it. I configured the ACS url by setting up the SP base entity url and configured SAML Web SSO Processing filter.
Upvotes: 2
Reputation: 2744
If you only process a SAML Assertion, then you are not really implementing a SAMLv2 compliant Service Provider. A Service Provider does far more. Spring Security SAML extension is a Service Provider which could be used for your use case. The Assertion Consumer URL is configurable in Spring Boot configuration.
Upvotes: 1
Related Questions
- Spring Boot and SAML 2.0
- Spring Boot SAML 2.0 support
- Spring - How to implement Single Sign-On with SAML 2.0
- SAML Configuration
- Service provider implementation with SAML 2 and Java
- JAVA - SAML 2.0 implementation
- Saml with spring 2.5.6
- SAML service provider spring security
- SAML 2.0 service provider implementation
- Spring SAML 2.0