java.lang.Object

org.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B>

org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer<Saml2LogoutConfigurer<H>,H>

org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer<H>

All Implemented Interfaces:: SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H>

public final class Saml2LogoutConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractHttpConfigurer<Saml2LogoutConfigurer<H>,H>

Adds SAML 2.0 logout support.

Security Filters

The following Filters are populated

LogoutFilter
Saml2LogoutRequestFilter
Saml2LogoutResponseFilter

The following configuration options are available:

logoutUrl - The URL to to process SAML 2.0 Logout
Saml2LogoutConfigurer.LogoutRequestConfigurer.logoutRequestValidator - The AuthenticationManager for authenticating SAML 2.0 Logout Requests
Saml2LogoutConfigurer.LogoutRequestConfigurer.logoutRequestResolver - The Saml2LogoutRequestResolver for creating SAML 2.0 Logout Requests
Saml2LogoutConfigurer.LogoutRequestConfigurer.logoutRequestRepository - The Saml2LogoutRequestRepository for storing SAML 2.0 Logout Requests
Saml2LogoutConfigurer.LogoutResponseConfigurer.logoutResponseValidator - The AuthenticationManager for authenticating SAML 2.0 Logout Responses
Saml2LogoutConfigurer.LogoutResponseConfigurer.logoutResponseResolver - The Saml2LogoutResponseResolver for creating SAML 2.0 Logout Responses

Shared Objects Created

No shared Objects are created

Shared Objects Used

Uses CsrfTokenRepository to add the CsrfLogoutHandler.

Since:

5.6

See Also:

Saml2LogoutConfigurer

Nested Class Summary

Nested Classes

Modifier and Type

Class

Description

final class

Saml2LogoutConfigurer.LogoutRequestConfigurer

A configurer for SAML 2.0 LogoutRequest components

final class

Saml2LogoutConfigurer.LogoutResponseConfigurer
Constructor Summary

Constructors

Constructor

Description

Saml2LogoutConfigurer(org.springframework.context.ApplicationContext context)

Creates a new instance
Method Summary

Modifier and Type

Method

Description

void

configure(H http)

Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.

Saml2LogoutConfigurer<H>.LogoutRequestConfigurer

logoutRequest()

Get configurer for SAML 2.0 Logout Request components

Saml2LogoutConfigurer<H>

logoutRequest(Customizer<Saml2LogoutConfigurer<H>.LogoutRequestConfigurer> logoutRequestConfigurerCustomizer)

Configures SAML 2.0 Logout Request components

Saml2LogoutConfigurer<H>.LogoutResponseConfigurer

logoutResponse()

Get configurer for SAML 2.0 Logout Response components

Saml2LogoutConfigurer<H>

logoutResponse(Customizer<Saml2LogoutConfigurer<H>.LogoutResponseConfigurer> logoutResponseConfigurerCustomizer)

Configures SAML 2.0 Logout Request components

Saml2LogoutConfigurer<H>

logoutUrl(String logoutUrl)

The URL by which the relying or asserting party can trigger logout.

Saml2LogoutConfigurer<H>

relyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository repo)

Sets the RelyingPartyRegistrationRepository of relying parties, each party representing a service provider, SP and this host, and identity provider, IDP pair that communicate with each other.

Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
disable, getSecurityContextHolderStrategy, withObjectPostProcessor

Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, and, getBuilder, init, postProcess, setBuilder

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- Saml2LogoutConfigurer
  
  public Saml2LogoutConfigurer(org.springframework.context.ApplicationContext context)
  
  Creates a new instance
  See Also:
  
  HttpSecurity.logout()
Method Details
- logoutUrl
  
  public Saml2LogoutConfigurer<H> logoutUrl(String logoutUrl)
  
  The URL by which the relying or asserting party can trigger logout.
  The Relying Party triggers logout by POSTing to the endpoint. The Asserting Party triggers logout based on what is specified by RelyingPartyRegistration.getSingleLogoutServiceBindings().
  Parameters:
  
  logoutUrl - the URL that will invoke logout
  
  Returns:
  
  the LogoutConfigurer for further customizations
  
  See Also:
  
  LogoutConfigurer.logoutUrl(String)
  
  HttpSecurity.csrf()
- relyingPartyRegistrationRepository
  
  public Saml2LogoutConfigurer<H> relyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository repo)
  
  Sets the RelyingPartyRegistrationRepository of relying parties, each party representing a service provider, SP and this host, and identity provider, IDP pair that communicate with each other.
  
  Parameters:
  
  repo - the repository of relying parties
  
  Returns:
  
  the Saml2LogoutConfigurer for further customizations
- logoutRequest
  
  public Saml2LogoutConfigurer<H>.LogoutRequestConfigurer logoutRequest()
  
  Get configurer for SAML 2.0 Logout Request components
  
  Returns:
  
  the Saml2LogoutConfigurer<H extends HttpSecurityBuilder<H>>.LogoutRequestConfigurer for further customizations
- logoutRequest
  
  public Saml2LogoutConfigurer<H> logoutRequest(Customizer<Saml2LogoutConfigurer<H>.LogoutRequestConfigurer> logoutRequestConfigurerCustomizer)
  
  Configures SAML 2.0 Logout Request components
  
  Parameters:
  
  logoutRequestConfigurerCustomizer - the Customizer to provide more options for the Saml2LogoutConfigurer<H extends HttpSecurityBuilder<H>>.LogoutRequestConfigurer
  
  Returns:
  
  the Saml2LogoutConfigurer for further customizations
- logoutResponse
  
  public Saml2LogoutConfigurer<H>.LogoutResponseConfigurer logoutResponse()
  
  Get configurer for SAML 2.0 Logout Response components
  
  Returns:
  
  the Saml2LogoutConfigurer<H extends HttpSecurityBuilder<H>>.LogoutResponseConfigurer for further customizations
- logoutResponse
  
  public Saml2LogoutConfigurer<H> logoutResponse(Customizer<Saml2LogoutConfigurer<H>.LogoutResponseConfigurer> logoutResponseConfigurerCustomizer)
  
  Configures SAML 2.0 Logout Request components
  
  Parameters:
  
  logoutResponseConfigurerCustomizer - the Customizer to provide more options for the Saml2LogoutConfigurer<H extends HttpSecurityBuilder<H>>.LogoutResponseConfigurer
  
  Returns:
  
  the Saml2LogoutConfigurer for further customizations
- configure
  
  public void configure(H http) throws Exception
  
  Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
  
  Specified by:
  
  configure in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
  
  Overrides:
  
  configure in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
  
  Throws:
  
  Exception

Class Saml2LogoutConfigurer<H extends HttpSecurityBuilder<H>>

Security Filters

Shared Objects Created

Shared Objects Used

Nested Class Summary

Constructor Summary

Method Summary

Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer

Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter

Methods inherited from class java.lang.Object

Constructor Details

Saml2LogoutConfigurer

Method Details

logoutUrl

relyingPartyRegistrationRepository

logoutRequest

logoutRequest

logoutResponse

logoutResponse

configure