Update READMEs
- Stated Docker dependencies
- Updated u/p information
jzheaux committed Nov 7, 2024
1 parent d358e80 commit 58ba384
Showing 3 changed files with 113 additions and 89 deletions.
64 changes: 39 additions & 25 deletions servlet/spring-boot/java/saml2/login/README.adoc
Expand Up @@ -8,6 +8,45 @@ module which is new in Spring Security 5.2.

The https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html[SAML 2.0 Logout feature] is new in Spring Security 5.6.

== Run the Sample

=== Install Docker

This sample requires Docker to run a local IdP.
As an alternative, you can point the sample at your own IdP by changing the `application.yml` here:

[source,java]
----
spring:
security:
saml2:
relyingparty:
registration:
one:
assertingparty.metadata-uri: {your-idp-metadata-endpoint}
// ...
two:
assertingparty.metadata-uri: {your-idp-metadata-endpoint}
----

=== Start up the Sample Boot Application
```
./gradlew :servlet:spring-boot:java:saml2:login:bootRun
```

=== Open a Browser

http://localhost:8080/

You will be redirected to the SimpleSAMLPHP instance.

=== Type in your credentials

```
User: user1
Password: user1pass
```

== Goals

=== SAML 2.0 Login
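Review bot: the `application.yml` snippet under the new `=== Install Docker` heading is tagged `[source,java]` and uses a `// ...` placeholder, but the content is YAML; tag it `[source,yml]` (the removed `=== application.yml` block in the saml-extension-federation README already used that form) and write the placeholder as `# ...` so the block renders and copy-pastes as valid YAML. The heading also says Docker is required but the section never says how the local IdP is started (whether `bootRun` brings the container up or a separate step is needed); one sentence here would save readers a failed first run.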
Expand All @@ -29,28 +68,3 @@ On this sample, the SAML 2.0 Logout is using the HTTP-POST binding.

You can refer to the https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html[reference documentation] for more details about the RP- and AP-initiated SAML 2.0 Logout.

== Run the Sample

=== Prerequisites

This sample requires Docker in order to stand up the identity provider.
If you don't have Docker, you can alternatively disable Docker in `application.yml` and stand up your own IdP.

=== Start up the Sample Boot Application
```
./gradlew :servlet:spring-boot:java:saml2:login:bootRun
```

=== Open a Browser

http://localhost:8080/

You will be redirected to a chooser page where you can pick between one of two identity providers.

=== Type in your credentials

```
User: user1
Password: user1pass
```
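Review bot: the removed `=== Open a Browser` text said the browser lands on a chooser page for two identity providers, while the replacement text in the hunk above says it is redirected straight to the SimpleSAMLPHP instance, yet the new `application.yml` snippet still lists two registrations (`one` and `two`); confirm which behaviour the Docker setup gives and, if both registrations point at the same local IdP, say so explicitly. Dropping the old "disable Docker in `application.yml`" sentence is an improvement, since the README never named a property that did that; the new wording (point `assertingparty.metadata-uri` at your own IdP) is actionable.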

53 changes: 32 additions & 21 deletions servlet/spring-boot/java/saml2/refreshable-metadata/README.adoc
Expand Up @@ -8,6 +8,37 @@ module which is new in Spring Security 5.2.

The https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html[SAML 2.0 Logout feature] is new in Spring Security 5.6.

== Run the Sample

=== Install Docker

This sample requires Docker to run a local IdP.
As an alternative, you can point the sample at your own IdP by changing the `application.yml` here:

[source,java]
----
saml2:
ap.metadata: {your-idp-metadata-endpoint}
----

=== Start up the Sample Boot Application
```
./gradlew :servlet:spring-boot:java:saml2:refreshable-metadata:bootRun
```

=== Open a Browser

http://localhost:8080/

You will be redirected to the SimpleSAMLPHP instance.

=== Type in your credentials

```
User: user1
Password: user1pass
```

== Goals

=== SAML 2.0 Login
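Review bot: `saml2.ap.metadata` in the new snippet is not a Spring Boot property (the other two READMEs use `spring.security.saml2.relyingparty.registration.*.assertingparty.metadata-uri`), so say it is a property read by this sample's own `RelyingPartyRegistrationRepository` implementation, otherwise readers will look for it in the Boot property reference and not find it. Same tagging issue as the other READMEs: the block is YAML, so use `[source,yml]` rather than `[source,java]`.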
Expand All @@ -32,27 +63,7 @@ You can refer to the https://docs.spring.io/spring-security/reference/servlet/sa
=== Refreshable Asserting Party Metadata

The application uses a custom implementation of `RelyingPartyRegistrationRepository` to achieve Asserting Party Metadata refresh feature.
This particular implementation uses a `@Scheduled` annotation to update its metadata every 30 minutes.

== Run the Sample

=== Start up the Sample Boot Application
```
./gradlew :servlet:spring-boot:java:saml2:refreshable-metadata:bootRun
```

=== Open a Browser

http://localhost:8080/

You will be redirect to the Okta SAML 2.0 IDP

=== Type in your credentials

```
User: [email protected]
Password: 12345678
```
This particular implementation relies on an OpenSAML component that refreshes the metadata.
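Review bot: the new sentence "relies on an OpenSAML component that refreshes the metadata" replaces the concrete "`@Scheduled` annotation ... every 30 minutes" but names neither the component nor the refresh interval, so a reader can no longer tell where to look or how to tune it; name the class and the property or bean where the interval is set. While touching the paragraph, the unchanged context line "to achieve Asserting Party Metadata refresh feature" reads better as "to achieve the Asserting Party Metadata refresh feature". Removing the shared Okta test account and password from the README is the right call now that the IdP is local.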



Expand Up @@ -7,6 +7,45 @@ This code uses `RelyingPartyRegistrations#collectionFromMetadata` to demonstrate

See the https://github.com/spring-projects/spring-security/wiki/SAML-2.0-Migration-Guide[SAML 2.0 Migration Guide] for more details about the migration.

== Run the Sample

=== Install Docker

This sample requires Docker to run a local IdP.
As an alternative, you can point the sample at your own IdP by changing the `application.yml` here:

[source,java]
----
spring:
security:
saml2:
relyingparty:
registration:
one:
assertingparty.metadata-uri: {your-idp-metadata-endpoint}
// ...
two:
assertingparty.metadata-uri: {your-idp-metadata-endpoint}
----

=== Start up the Sample Boot Application
```
./gradlew :servlet:spring-boot:java:saml2:saml-extension-federation:bootRun
```

=== Open a Browser

http://localhost:8080/

You will be redirected to the SimpleSAMLPHP instance.

=== Type in your credentials

```
User: user1
Password: user1pass
```

== Key Changes

=== URL Forwarding Filter
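Review bot: this `=== Install Docker` section is a verbatim copy of the one added to the login README and carries the same defects: the YAML block is tagged `[source,java]` and contains a `// ...` placeholder, which should be `[source,yml]` and `# ...`. Since this sample previously described a chooser ("Select the first IdP listed"), the `=== Open a Browser` text in this hunk should state whether the chooser still appears before the SimpleSAMLPHP redirect when two registrations are configured.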
Expand Down Expand Up @@ -51,48 +90,8 @@ public class SamlExtensionUrlForwardingFilter extends OncePerRequestFilter {
}
----

=== application.yml

[source%linenums,yml]
----
spring:
security:
filter:
dispatcher-types: async, error, request, forward <1>
saml2:
relyingparty:
registration:
one:
singlelogout:
binding: POST
url: "{baseUrl}/saml/logout" <2>
responseUrl: "{baseUrl}/saml/SingleLogout" <3>
acs:
location: "{baseUrl}/saml/SSO" <4>
assertingparty.metadata-uri: https://dev-05937739.okta.com/app/exk598vc9bHhwoTXM5d7/sso/saml/metadata
----

==== `RelyingPartyRegistration` properties
=== `RelyingPartyMetadata` configuration component

The `RelyingPartyRegistration` properties should also be customized to match the values that were used by the SAML Extension (see <2>, <3> and <4> above).
The `RelyingPartyRegistration` properties are customized to match the values that were used by the SAML Extension.

== Run the Sample

=== Start up the Sample Boot Application
```
./gradlew :servlet:spring-boot:java:saml2:saml-extension-federation:bootRun
```

=== Open a Browser

http://localhost:8080/

Select the first IdP listed.
You will be redirect to the Okta SAML 2.0 IDP

=== Type in your credentials

```
User: [email protected]
Password: 12345678
```
These reside in `RelyingPartyMetadata`.
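Review bot: deleting the `=== application.yml` block removes the concrete values that made the "Key Changes" section useful for migration: the `dispatcher-types: async, error, request, forward` filter setting and the SAML Extension-compatible endpoints `{baseUrl}/saml/logout`, `{baseUrl}/saml/SingleLogout` and `{baseUrl}/saml/SSO`. The replacement only says the properties "reside in `RelyingPartyMetadata`" without showing that component or its file path, so either include the equivalent `RelyingPartyMetadata` snippet or list those three endpoints and the dispatcher-types setting in prose. The heading change from `====` to `===` is consistent now that the parent `=== application.yml` heading is gone, and dropping the hard-coded `dev-05937739.okta.com` metadata URI together with the Okta credentials is correct since the IdP is now the local Docker instance.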
