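【Posted】: 2016-08-06 10:33:21
【Problem description】:
I've run into a serious problem that I can't seem to solve. I have been using the Spring Boot sample here: https://github.com/vdenotaris/spring-boot-security-saml-sample to integrate a new SP. Everything went fine when using HttpMetaDataProvider, but recently I had to switch to FileSystemMetadataProvider, and it has not gone well.
All of my metadata appears to load correctly, but when I perform an authentication request, I get: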
org.springframework.security.saml.websso.ArtifactResolutionProfileBase.resolveArtifact(ArtifactResolutionProfileBase.java:77)
I have debugged the issue, and it looks like the MetadataManager is null in ArtifactResolutionProfileBase; however, I don't know why, and I'm just stuck!
Here is my configuration:
    // Set up advanced info about the IdP metadata
    @Bean
    @Qualifier("idp-extended-metadata")
    public ExtendedMetadata idpExtendedMetadata() {
        ExtendedMetadata extendedMetadata = new ExtendedMetadata();
        return extendedMetadata;
    }

    // Set up advanced info about the SP metadata
    @Bean
    @Qualifier("sp-extended-metadata")
    public ExtendedMetadata spExtendedMetadata() {
        ExtendedMetadata extendedMetadata = new ExtendedMetadata();
        // SP metadata needs local set
        extendedMetadata.setLocal(true);
        extendedMetadata.setIdpDiscoveryEnabled(false);
        extendedMetadata.setIdpDiscoveryResponseURL(environment.getProperty("sp.base.url"));
        extendedMetadata.setSignMetadata(false);
        extendedMetadata.setSigningKey("student-saml");
        extendedMetadata.setEncryptionKey("student-saml");
        // Signatures are not required on artifact resolve or logout messages
        extendedMetadata.setRequireArtifactResolveSigned(false);
        extendedMetadata.setRequireLogoutRequestSigned(false);
        extendedMetadata.setRequireLogoutResponseSigned(false);
        return extendedMetadata;
    }

    // IdP metadata loaded from a file on the classpath
    @Bean
    @Qualifier("ccc-idp")
    public ExtendedMetadataDelegate CCCIdpExtendedMetadataProvider()
            throws MetadataProviderException, IOException {
        DefaultResourceLoader loader = new DefaultResourceLoader();
        Resource metadatafile = loader.getResource("classpath:" + environment.getProperty("ccc.idp.metadatafile"));
        FilesystemMetadataProvider filesystemMetadataProvider = new FilesystemMetadataProvider(metadatafile.getFile());
        filesystemMetadataProvider.setParserPool(parserPool());
        ExtendedMetadataDelegate extendedMetadataDelegate =
                new ExtendedMetadataDelegate(filesystemMetadataProvider, idpExtendedMetadata());
        // Metadata trust check and signature requirement are both disabled
        extendedMetadataDelegate.setMetadataTrustCheck(false);
        extendedMetadataDelegate.setMetadataRequireSignature(false);
        extendedMetadataDelegate.initialize();
        return extendedMetadataDelegate;
    }

    // SP metadata loaded from a file on the classpath
    @Bean
    @Qualifier("student-sp-metadata")
    public ExtendedMetadataDelegate studentSPMetadata()
            throws MetadataProviderException, IOException {
        DefaultResourceLoader loader = new DefaultResourceLoader();
        Resource metadatafile = loader.getResource("classpath:" + environment.getProperty("student.sp.metadatafile"));
        FilesystemMetadataProvider filesystemMetadataProvider = new FilesystemMetadataProvider(metadatafile.getFile());
        filesystemMetadataProvider.setParserPool(parserPool());
        ExtendedMetadataDelegate extendedMetadataDelegate =
                new ExtendedMetadataDelegate(filesystemMetadataProvider, spExtendedMetadata());
        // Metadata trust check and signature requirement are both disabled
        extendedMetadataDelegate.setMetadataTrustCheck(false);
        extendedMetadataDelegate.setMetadataRequireSignature(false);
        extendedMetadataDelegate.initialize();
        return extendedMetadataDelegate;
    }

    // Do not forget to call initialize method on providers
    @Bean
    @Qualifier("metadata")
    public MetadataManager metadata() throws MetadataProviderException, IOException {
        List<MetadataProvider> providers = new ArrayList<MetadataProvider>();
        ExtendedMetadataDelegate spMeta = studentSPMetadata();
        ExtendedMetadataDelegate idpMeta = CCCIdpExtendedMetadataProvider();
        providers.add(idpMeta);
        providers.add(spMeta);
        MetadataManager meta = new MetadataManager(providers);
        meta.setHostedSPName(environment.getProperty("sp.entity.id"));
        meta.setKeyManager(keyManager());
        return meta;
    }
Any help would be greatly appreciated!
【Discussion】:
Tags: spring spring-security spring-boot saml-2.0 spring-saml