spring-attic / spring-security-saml

SAML extension for the Spring Security project

Idp for local test environment #477

Closed galaxya2009 closed 3 years ago

galaxya2009 commented 4 years ago

Hello, I am trying to use the samples from the develop branch to create a local identity provider. My SP is implemented separately, and I managed to run the IDP example without an issue. However, I am always getting the following error: `SAML message intended destination endpoint 'http://localhost:8083/mysp/saml/SSO' did not match the recipient endpoint 'http://localhost:8086/sample-idp/saml/SSO'`, because in the generated metadata the prefixes for all the IDP endpoints contain `/saml/idp`, so the SSO path is `/saml/idp/SSO`.
I can get the metadata at http://localhost:8086/sample-idp/saml/idp/metadata.

I was checking SecurityConfig; it says:

```java
public SamlSecurity(BeanConfig beanConfig, @Qualifier("appConfig") AppConfig appConfig) {
    super("/saml/idp", beanConfig);
    this.appConfig = appConfig;
    this.beanConfig = beanConfig;
}
```

If I change that to `super("/saml", beanConfig);` the application runs properly but nothing works; I can't generate the metadata for the IDP then. That means http://localhost:8086/sample-idp/saml/metadata does not work.

Can anyone help? I need to set this up for a local environment in Docker so that fellow developers can use it for local integration testing.

brzler commented 4 years ago

Do you want a running IdP, or do you want to simulate an IdP for integration tests?

If it is for integration testing, you can build your own OpenSaml Response based on the SAMLRequest redirectedUrl (extract SAMLResponse from it) and make another request with the SAMLResponse to the SP.
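The endpoint comparison behind the error in the original post can be reproduced offline before a hand-built message is sent. This is an added example, not part of this thread or of the project's code: the function names and the sample Response are constructed for illustration, and the encoded value is assumed to be already URL-decoded.

```python
import base64
import zlib
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample: a minimal, unsigned Response as a local test IdP might post it.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_r1" Version="2.0" IssueInstant="2021-01-01T00:00:00Z"
    Destination="http://localhost:8083/mysp/saml/SSO">
  <saml:Assertion ID="_a1" Version="2.0" IssueInstant="2021-01-01T00:00:00Z">
    <saml:Subject>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData Recipient="http://localhost:8083/mysp/saml/SSO"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
  </saml:Assertion>
</samlp:Response>"""


def encode(xml_text):
    """Base64-encode a message the way the HTTP-POST binding carries it."""
    return base64.b64encode(xml_text.encode("utf-8")).decode("ascii")


def endpoint_mismatches(saml_b64, received_at, redirect_binding=False):
    """List (field, value) pairs in the message that differ from the URL
    the message was actually delivered to. A missing attribute is reported
    with value None."""
    raw = base64.b64decode(saml_b64)
    if redirect_binding:
        # HTTP-Redirect binding: raw DEFLATE stream without a zlib header.
        raw = zlib.decompress(raw, -15)
    # Meant for locally generated test messages, not untrusted input.
    root = ET.fromstring(raw)
    found = [("Destination", root.get("Destination"))]
    for scd in root.iterfind(".//saml:SubjectConfirmationData", NS):
        found.append(("Recipient", scd.get("Recipient")))
    return [(field, value) for field, value in found if value != received_at]


if __name__ == "__main__":
    msg = encode(SAMPLE_RESPONSE)
    print(endpoint_mismatches(msg, "http://localhost:8083/mysp/saml/SSO"))
    print(endpoint_mismatches(msg, "http://localhost:8086/sample-idp/saml/SSO"))
```

An empty list means every endpoint attribute in the message equals the URL it will be delivered to; any entry returned names the attribute to correct in the test message or the metadata.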

gtiwari333 commented 3 years ago

Not trying to self-promote, but I ran into the same issue and created an IDP for local testing purposes using v3.0 of this library (now no longer maintained).

https://github.com/gtiwari333/spring-security-saml-test-identity-provider-and-service-provider

This contains a test SP and IDP that you can run locally. You can use the same IDP for testing any other local SP system.

jzheaux commented 3 years ago

Spring Security uses SimpleSAMLphp for its samples.

StackOverflow is likely a better forum to continue this conversation. If folks would like to discuss further, please post a question there and share the link here.