spring-attic / spring-security-saml

SAML extension for the Spring Security project

Compatibility with Spring 6 #521

Open OrangeDog opened 2 years ago

OrangeDog commented 2 years ago

The first problem is the change from JEE to Jakarta; hopefully there's not much else.

I know this project is EOL, but the replacement is missing a lot of functionality. Would the maintainers consider doing a new release (possibly the same version but with a jakarta classifier) if I did the changes to get it working?

jzheaux commented 2 years ago

I appreciate the offer. Given that the project is EOL, I don't think we have much flexibility due to support implications, but I don't mind looking into the possibility.

In the meantime, I'm curious if time would be better spent in making contributions to Spring Security to close the gaps you are experiencing so that you can migrate instead.

OrangeDog commented 2 years ago

@jzheaux perhaps, but that's a whole lot more work than just changing some imports.

As mentioned on a spring-security issue, I suspect it's not possible without re-writing it all again (which will be the fourth attempt by my reckoning), as the API will not accommodate having one SP authenticating with multiple IdPs.

OrangeDog commented 2 years ago

Unfortunately I'm not very good at Gradle - I only use Maven. To build with JDK 17 you need Gradle 7, but then the Spring Gradle plugins this uses don't support it.

There is a tool that may make this very easy, with only build changes needed: https://github.com/eclipse/transformer

jzheaux commented 2 years ago

> as the API will not accommodate having one SP authenticating with multiple IdPs

Please see https://github.com/spring-projects/spring-security-samples/tree/main/servlet/spring-boot/java/saml2/login and let me know what is missing. This sample is "one SP authenticating with multiple IdPs", at least as far as I understand your phrasing.

OrangeDog commented 2 years ago

Isn't that multiple SPs ("one" and "two") authenticating with one IdP ("https://simplesaml-for-spring-saml.apps.pcfone.io/saml2/idp/metadata.php")?

That server isn't responding so I can't verify what the metadata actually is.

What's missing is some UI where you choose which IdP you want to authenticate with (commonly called "discovery").