Class Saml2MetadataConfigurer<H extends HttpSecurityBuilder<H>>
- All Implemented Interfaces:
SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,
H>
AbstractHttpConfigurer
for SAML 2.0 Metadata.
SAML 2.0 Metadata provides an application with the capability to publish configuration
information as a <md:EntityDescriptor>
or <md:EntitiesDescriptor>
.
Defaults are provided for all configuration options with the only required
configuration being a Saml2LoginConfigurer.relyingPartyRegistrationRepository
.
Alternatively, a RelyingPartyRegistrationRepository
@Bean
may be
registered instead.
Security Filters
The followingFilter
is populated:
Saml2MetadataFilter
Shared Objects Created
noneShared Objects Used
The following shared objects are used:RelyingPartyRegistrationRepository
(required)
- Since:
- 6.1
- See Also:
-
HttpSecurity.saml2Metadata()
Saml2MetadataFilter
RelyingPartyRegistrationRepository
-
Constructor Summary
ConstructorDescriptionSaml2MetadataConfigurer
(org.springframework.context.ApplicationContext context) -
Method Summary
Modifier and TypeMethodDescriptionand()
Return theSecurityBuilder
when done using theSecurityConfigurer
.void
Configure theSecurityBuilder
by setting the necessary properties on theSecurityBuilder
.metadataResponseResolver
(org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResponseResolver metadataResponseResolver) Use thisSaml2MetadataResponseResolver
to parse the request and respond with SAML 2.0 metadata.metadataUrl
(String metadataUrl) Use this endpoint to request relying party metadata.Methods inherited from class org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer
disable, getSecurityContextHolderStrategy, withObjectPostProcessor
Methods inherited from class org.springframework.security.config.annotation.SecurityConfigurerAdapter
addObjectPostProcessor, getBuilder, init, postProcess, setBuilder
-
Constructor Details
-
Saml2MetadataConfigurer
public Saml2MetadataConfigurer(org.springframework.context.ApplicationContext context)
-
-
Method Details
-
metadataUrl
Use this endpoint to request relying party metadata.If you specify a
registrationId
placeholder in the URL, then the filter will lookup aRelyingPartyRegistration
using that.If there is no
registrationId
and yourRelyingPartyRegistrationRepository
is {code Iterable}, the metadata endpoint will try and show all relying parties' metadata in a single<md:EntitiesDecriptor
element.If you need a more sophisticated lookup strategy than these, use
metadataResponseResolver
instead.- Parameters:
metadataUrl
- the url to use- Returns:
- the
Saml2MetadataConfigurer
for more customizations
-
metadataResponseResolver
public Saml2MetadataConfigurer<H> metadataResponseResolver(org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResponseResolver metadataResponseResolver) Use thisSaml2MetadataResponseResolver
to parse the request and respond with SAML 2.0 metadata.- Parameters:
metadataResponseResolver
- to use- Returns:
- the
Saml2MetadataConfigurer
for more customizations
-
and
Description copied from class:SecurityConfigurerAdapter
Return theSecurityBuilder
when done using theSecurityConfigurer
. This is useful for method chaining.- Overrides:
and
in classSecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,
H extends HttpSecurityBuilder<H>> - Returns:
- the
SecurityBuilder
for further customizations
-
configure
Description copied from interface:SecurityConfigurer
Configure theSecurityBuilder
by setting the necessary properties on theSecurityBuilder
.- Specified by:
configure
in interfaceSecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,
H extends HttpSecurityBuilder<H>> - Overrides:
configure
in classSecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,
H extends HttpSecurityBuilder<H>> - Throws:
Exception
-