Spring Security by Badr Nasslahsen
Author:Badr Nasslahsen
Language: eng
Format: epub
Publisher: Packt Publishing Pvt Ltd
Published: 2024-05-30T00:00:00+00:00
Creating a custom RelyingPartyRegistrationRepository
Spring Boot creates a RelyingPartyRegistrationRepository, which represents the asserting party and relying party metadata. This includes things such as the location of the SSO endpoint the relying party should use when requesting authentication from the asserting party.
You can override the default by publishing your own RelyingPartyRegistrationRepository bean. You can also remove the existing spring.security.saml2.relyingparty.registration configuration properties programmatically.
For example, you can look up the asserting partyâs configuration by hitting its metadata endpoint:
//src/main/java/com/packtpub/springsecurity/service/ SecurityConfig.java @Value("${metadata.location}") private String assertingPartyMetadataLocation; @Bean public RelyingPartyRegistrationRepository relyingPartyRegistrations() { RelyingPartyRegistration registration = RelyingPartyRegistrations .fromMetadataLocation(assertingPartyMetadataLocation) .registrationId("okta") .build(); return new InMemoryRelyingPartyRegistrationRepository(registration); }
Alternatively, you can directly wire up the repository by using the DSL, which also overrides the auto-configured SecurityFilterChain:
//src/main/java/com/packtpub/springsecurity/service/ SecurityConfig.java @Configuration @EnableWebSecurity public class SecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { ... omitted for brevity http .saml2Login(saml2 -> saml2 .relyingPartyRegistrationRepository(relyingPartyRegistrations()) ); return http.build(); } }
Important note
The registrationId is a user-defined value chosen to distinguish between different registrations.
Your code should now look like that in chapter10.04-calendar.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(7787)
Grails in Action by Glen Smith Peter Ledbrook(7705)
Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801 by Chris Gill(6631)
Azure Containers Explained by Wesley Haakman & Richard Hooper(6616)
Running Windows Containers on AWS by Marcio Morales(6144)
Kotlin in Action by Dmitry Jemerov(5073)
Microsoft 365 Identity and Services Exam Guide MS-100 by Aaron Guilmette(4950)
Combating Crime on the Dark Web by Nearchos Nearchou(4535)
Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind by Charles Babcock(4422)
Microsoft Cybersecurity Architect Exam Ref SC-100 by Dwayne Natwick(4400)
The Ruby Workshop by Akshat Paul Peter Philips Dániel Szabó and Cheyne Wallace(4203)
The Age of Surveillance Capitalism by Shoshana Zuboff(3964)
Python for Security and Networking - Third Edition by José Manuel Ortega(3773)
Learn Windows PowerShell in a Month of Lunches by Don Jones(3515)
The Ultimate Docker Container Book by Schenker Gabriel N.;(3439)
Mastering Python for Networking and Security by José Manuel Ortega(3357)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3337)
Learn Wireshark by Lisa Bock(3323)
Blockchain Basics by Daniel Drescher(3306)
