Migrating from Spring Security SAML extension project to SAML2 authentication using Spring Boot 3.X version and Java 17

[jana310797]

I am upgrading the current Spring Security SAML extension project to SAML2 authentication.

I would like to better understand which part of code is getting replaced by which part in the new implementation(SAML2 authentication) with some working examples. My questions are like below,

1. How to provide metadata?
2. How to provide custom success and failure handlers for SAMLProcessingFilter and SAMLWebSSOHoKProcessingFilter?
3. How to provide the CSP headers to the Web and HTTP security?
4. Whether any changes should be made to the metadata(which is used in SAML extension project) while migrating to SAML2 authentication?

Kindly please advise with any working implementation which has answers for all the above questions. Thanks in advance.

[francescogabbrielli]

Also application.properties do not match with previous ones

[marcusdacoregio]

Hi, @jana310797. Please take a look at this issue https://github.com/spring-projects/spring-security/issues/8685

If you are still having problems with the migration, please open an issue in the Spring Security issue tracker.