Package org.springframework.security.config.annotation.web.configurers.saml2

Class Saml2MetadataConfigurer<H extends HttpSecurityBuilder<H>>

java.lang.Object
org.springframework.security.config.annotation.SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,B>
org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer<Saml2LogoutConfigurer<H>,H>
org.springframework.security.config.annotation.web.configurers.saml2.Saml2MetadataConfigurer<H>
All Implemented Interfaces:
SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H>
public class Saml2MetadataConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractHttpConfigurer<Saml2LogoutConfigurer<H>,H>
An AbstractHttpConfigurer for SAML 2.0 Metadata.

SAML 2.0 Metadata provides an application with the capability to publish configuration information as a <md:EntityDescriptor> or <md:EntitiesDescriptor>.

Defaults are provided for all configuration options with the only required configuration being a Saml2LoginConfigurer.relyingPartyRegistrationRepository. Alternatively, a RelyingPartyRegistrationRepository @Bean may be registered instead.

Security Filters

The following Filter is populated:
  • Saml2MetadataFilter

Shared Objects Created

none

Shared Objects Used

The following shared objects are used:
  • RelyingPartyRegistrationRepository (required)
Since:
6.1
See Also:

  • Constructor Details

    • Saml2MetadataConfigurer

      public Saml2MetadataConfigurer(org.springframework.context.ApplicationContext context)

  • Method Details

    • metadataUrl

      public Saml2MetadataConfigurer<H> metadataUrl(String metadataUrl)
      Use this endpoint to request relying party metadata.

      If you specify a registrationId placeholder in the URL, then the filter will lookup a RelyingPartyRegistration using that.

      If there is no registrationId and your RelyingPartyRegistrationRepository is {code Iterable}, the metadata endpoint will try and show all relying parties' metadata in a single <md:EntitiesDecriptor element.

      If you need a more sophisticated lookup strategy than these, use metadataResponseResolver instead.

      Parameters:
      metadataUrl - the url to use
      Returns:
      the Saml2MetadataConfigurer for more customizations

    • metadataResponseResolver

      public Saml2MetadataConfigurer<H> metadataResponseResolver(org.springframework.security.saml2.provider.service.metadata.Saml2MetadataResponseResolver metadataResponseResolver)
      Use this Saml2MetadataResponseResolver to parse the request and respond with SAML 2.0 metadata.
      Parameters:
      metadataResponseResolver - to use
      Returns:
      the Saml2MetadataConfigurer for more customizations

    • and

      public H and()
      Description copied from class: SecurityConfigurerAdapter
      Return the SecurityBuilder when done using the SecurityConfigurer. This is useful for method chaining.
      Overrides:
      and in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
      Returns:
      the SecurityBuilder for further customizations

    • configure

      public void configure(H http) throws Exception
      Description copied from interface: SecurityConfigurer
      Configure the SecurityBuilder by setting the necessary properties on the SecurityBuilder.
      Specified by:
      configure in interface SecurityConfigurer<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
      Overrides:
      configure in class SecurityConfigurerAdapter<org.springframework.security.web.DefaultSecurityFilterChain,H extends HttpSecurityBuilder<H>>
      Throws:
      Exception