ulisesbocchio / spring-boot-security-saml

spring-security-saml integration with Spring Boot
MIT License

spring-boot-security-saml + jhipster #26

Closed tud closed 7 years ago

tud commented 7 years ago

Hello, I'm trying to integrate your library with jhipster (http://jhipster.github.io). As a first step I downloaded your DSL demo app and configured it to run with the IDP I need (an ADFS provider). Now the demo app works with my IDP.

As a second step I scaffolded a new jhipster app (basically a Spring Boot app + preconfigured features). I modified it following README.md:

  1. added dependency to pom.xml
  2. added @EnableSAMLSSO annotation
  3. jHipster uses WebSecurityConfigurerAdapter for security configuration, so I used the example configuration you provide. NB: I think there is an error in the documentation: publicKeyPEMLocation("classpath:/localhost.cert") .http() .authorizeRequests(); the line with .http() returns an error

Anyway I modified ".http()" to "http" and I can run the app, but I got an error:

    Caused by: java.lang.IllegalStateException: Can't find SAML Endpoints
        at com.github.ulisesbocchio.spring.boot.security.saml.bean.SAMLConfigurerBean.lambda$endpointsMatcher$2(SAMLConfigurerBean.java:207)
        at java.util.Optional.orElseThrow(Optional.java:290)
        ....

Can you help me with this problem? Do you need more info? Thanks. Stefano

ulisesbocchio commented 7 years ago

absolutely, can you put your demo app in a github repo so I can take a look?

tud commented 7 years ago

https://github.com/tud/jhipstersaml

Do you want permission to modify the repository, so you can work directly?

ulisesbocchio commented 7 years ago

read access should be fine, I'll let you know what I find, thanks!

ulisesbocchio commented 7 years ago

I took a first glance at your app. It seems that you're mixing the existing security configuration in SecurityConfiguration with the saml configuration. I suggest you create a new WebSecurityConfigurerAdapter and add the SAML config so you have 2 different filter chain proxies, one for whatever JHipster is trying to do and one for the SAML flow.

tud commented 7 years ago

Yes, I know :-) I added your library and demo code just to compile it as a first step.

I did many tests and I'm able to see the SSOCircle page now :-) Essentially I did 3 steps:

  1. I added to the JhipstersamlApp.java file: @SpringBootApplication @EnableSAMLSSO
  2. I removed from the SecurityConfiguration.java file: @EnableWebSecurity
  3. I removed from the pom.xml file: test, for the assertj-core dependency your library needs

I committed these updates to the demo project.

ulisesbocchio commented 7 years ago

@tud any updates on this? If you ever make it work with Jhipster let me know, I'll be more than happy to add an example in the samples repo.

MGZero commented 7 years ago

@ulisesbocchio I'm actually running into a similar issue using the example config (not using jhipster though). Would you mind taking a look?

MGZero commented 7 years ago

Never mind, figured it out

geoffsee commented 5 years ago

Thanks @MGZero