Configuring Spring SAML for SSO with PingFederate

We decided to use PingFederate as our SSO solution. I searched for a lot of examples, but did not find a Spring configuration that clearly describes how I need to configure my SP and/or IdP on the PingFederate side. I have not found a Spring document that describes what I need to implement this.

Any help is very valuable.

+4
1 answer

There is currently no step-by-step guide on setting up a federation between Spring SAML and Ping, but the steps are very similar to what is described in the quick start of the Spring SAML tutorial.

- , Spring SAML, Ping, Spring.

:

  • Spring SAML
  • SP https://server:port/context/saml/metadata ( URL- , )
  • Ping, " SP", , , , ,
  • IDP Ping → , .
  • IDP SAML Spring ( )

Ping.

( bean) :

<bean id="metadata" class="org.springframework.security.saml.metadata.CachingMetadataManager">
    <constructor-arg>
        <list>
            <bean class="org.springframework.security.saml.metadata.ExtendedMetadataDelegate">
                <constructor-arg>
                    <bean class="org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider">
                        <constructor-arg>
                            <value type="java.io.File">classpath:security/idp.xml</value>
                        </constructor-arg>
                        <property name="parserPool" ref="parserPool"/>
                    </bean>
                </constructor-arg>
                <constructor-arg>
                    <bean class="org.springframework.security.saml.metadata.ExtendedMetadata"/>
                </constructor-arg>
                <property name="metadataTrustCheck" value="false"/>
            </bean>
        </list>
    </constructor-arg>
</bean>

/security/idp.xml PF. ExtendedMetadata beans ( SSO Circle). bean "" , IDP .

+5

Source: https://habr.com/ru/post/1539653/
