<!-- Metadata for the local service provider (SP): the SP descriptor is read from the
     classpath and wrapped with Spring SAML ExtendedMetadata settings.
     NOTE(review): the outer <bean> opened on the next line is not closed in this excerpt. -->
- <bean class="org.springframework.security.saml.metadata.ExtendedMetadataDelegate">
- <constructor-arg>
- <bean class="org.opensaml.saml2.metadata.provider.ResourceBackedMetadataProvider">
- <constructor-arg>
- <bean class="java.util.Timer"/>
- </constructor-arg>
- <constructor-arg>
- <bean class="org.opensaml.util.resource.ClasspathResource">
- <constructor-arg value="/metadata/my_sp.xml"/>
- </bean>
- </constructor-arg>
- <property name="parserPool" ref="parserPool"/>
- </bean>
- </constructor-arg>
- <constructor-arg>
- <bean class="org.springframework.security.saml.metadata.ExtendedMetadata">
- <property name="local" value="true"/>
<!-- metaiop trusts signatures using the keys published in metadata, without certificate
     path or revocation checks, so the integrity of the metadata files is the trust anchor. -->
- <property name="securityProfile" value="metaiop"/>
- <property name="sslSecurityProfile" value="pkix"/>
<!-- allowAll accepts any hostname on the peer certificate for TLS connections made under
     this profile (for example artifact resolution), so a valid certificate issued for a
     different host passes. Acceptable for a localhost demo only; use a verifying mode on
     a deployed host. -->
- <property name="sslHostnameVerification" value="allowAll"/>
<!-- The generated SP metadata is published unsigned. -->
- <property name="signMetadata" value="false"/>
<!-- The same keystore alias serves for signing and for encryption; separate keys limit
     the impact of a key compromise and make rotation easier. -->
- <property name="signingKey" value="apollo"/>
- <property name="encryptionKey" value="apollo"/>
<!-- With the next three set to false the SP does not require signatures on
     artifact-resolve and single-logout messages. Unsigned logout messages cannot be
     tied to the IdP, so require signatures outside a demo. -->
- <property name="requireArtifactResolveSigned" value="false"/>
- <property name="requireLogoutRequestSigned" value="false"/>
- <property name="requireLogoutResponseSigned" value="false"/>
- <property name="idpDiscoveryEnabled" value="true"/>
- <property name="idpDiscoveryURL" value="https://.../kerberoslogin/samlwebsso"/>
<!-- The discovery response returns over plain HTTP on localhost: demo only. Use an
     https URL once this runs on a real host. -->
- <property name="idpDiscoveryResponseURL" value="http://localhost:80/MYDEMO/saml/login?disco=true"/>
- </bean>
- </constructor-arg>
<!-- The SAML provider is the only authentication provider registered with the manager. -->
- <security:authentication-manager alias="authenticationManager">
- <!-- Register authentication manager for SAML provider -->
- <security:authentication-provider ref="samlAuthenticationProvider"/>
- </security:authentication-manager>
<!-- Custom provider (Java class shown further down the page); it receives the JDBC
     DataSource defined below through its dataSource property. -->
- <bean id="samlAuthenticationProvider"
- class="my.demo.server.CustomSAMLAuthenticationProvider">
- <property name="dataSource" ref="dataSourceAuthentication"/>
- </bean>
<!-- JDBC DataSource handed to the SAML provider.
     DriverManagerDataSource is not a connection pool: it opens a new connection on each
     getConnection() call, so a pooled DataSource is the usual choice outside a demo.
     Credentials appear twice here (inside the URL and as username/password properties).
     Keep one form, and load the values from a property placeholder or JNDI instead of
     storing them in this file.
     NOTE(review): the URL is elided, so whether transport encryption to SQL Server is
     enabled cannot be seen from here; confirm it. -->
- <bean id="dataSourceAuthentication" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
- <property name="driverClassName" value="com.microsoft.sqlserver.jdbc.SQLServerDriver" />
- <property name="url" value="jdbc:sqlserver://....:1433;DatabaseName=...;User=...;Password=..." />
- <property name="username" value="..." />
- <property name="password" value="..." />
- </bean>
- .... <md:NameIDFormat>acns:id</md:NameIDFormat> ....
- public class CustomSAMLAuthenticationProvider extends SAMLAuthenticationProvider {
- DataSource dataSource;
/**
 * Setter used by Spring to inject the JDBC {@link DataSource}.
 *
 * <p>The XML configuration on this page wires it to the
 * {@code dataSourceAuthentication} bean.
 *
 * @param dataSource the data source to store on this provider
 */
public void setDataSource(final DataSource dataSource) {
    this.dataSource = dataSource;
}
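/**
 * Runs the parent SAML authentication, then rejects accounts whose resolved
 * {@link UserDetails} report {@code isEnabled() == false}.
 *
 * <p>A disabled account is rejected by throwing {@code DisabledException} rather than by
 * returning {@code null}. For an {@code AuthenticationProvider}, {@code null} means
 * "this provider cannot decide", which lets the manager carry on with any other
 * configured provider instead of denying the login outright.
 *
 * <p>NOTE(review): only the enabled flag is checked; locked and expired flags on the
 * details object are not consulted here.
 *
 * @param authentication the authentication request handed over by the manager
 * @return the token produced by the parent provider
 * @throws org.springframework.security.authentication.DisabledException
 *         if the resolved account is disabled
 */
@Override
public Authentication authenticate(Authentication authentication) {
    Authentication auth = super.authenticate(authentication);
    if (auth == null) {
        // Nothing to inspect; pass the parent's "no decision" through unchanged.
        return null;
    }

    // The details object comes from getUserDetails(), which may return whatever the
    // parent supplies, so test the type instead of casting blindly.
    Object details = auth.getDetails();
    if (details instanceof UserDetails && !((UserDetails) details).isEnabled()) {
        throw new org.springframework.security.authentication.DisabledException(
                "Account is disabled");
    }
    return auth;
}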
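/**
 * Authenticates the caller, executes the data-source request and replaces the response
 * data with the caller's {@link UserDetails}.
 *
 * <p>Authentication goes through this class's {@link #authenticate(Authentication)}
 * override rather than {@code super.authenticate(...)}, so the disabled-account check
 * applies on this path too. A {@code null} result is treated as a failed authentication.
 *
 * @param dsRequest      the request to execute
 * @param request        the current HTTP request (not used by this method)
 * @param authentication the authentication to validate
 * @return the executed response carrying the user details as its data
 * @throws SecurityException if no authentication could be established
 * @throws Exception         if authentication or request execution fails
 */
public DSResponse fetch(DSRequest dsRequest, HttpServletRequest request, Authentication authentication) throws Exception {
    Authentication auth = authenticate(authentication);
    if (auth == null) {
        // Fail closed: never return user data without an authenticated token.
        throw new SecurityException("Authentication was not established");
    }
    UserDetails u = (UserDetails) auth.getDetails();

    DSResponse response = dsRequest.execute();
    // NOTE(review): the whole UserDetails object is placed in the response. Confirm what
    // the data-source layer serializes to the client and expose only the fields the UI needs.
    response.setData(u);
    return response;
}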
/**
 * Resolves the details object for a SAML credential.
 *
 * <p>Returns the parent provider's result when it is non-null. Otherwise builds a Spring
 * Security {@code User} named after the credential's NameID value, with an empty
 * password and the roles collected by the SQL lookup (elided in this listing).
 *
 * @param credential the SAML credential supplied by the provider
 * @return the parent's details object, or a newly built {@code User}
 */
- @Override
- protected Object getUserDetails(SAMLCredential credential) {
- Object details = super.getUserDetails(credential);
- if (details != null) {
- return details;
- }
// NOTE(review): nothing visible here closes con/stmt/rs; confirm the elided code releases
// them in a finally block (or use try-with-resources) so connections are not leaked.
- Connection con = null;
- PreparedStatement stmt = null;
- ResultSet rs = null;
// The NameID value originates from the IdP's assertion. Bind it as a PreparedStatement
// parameter in the lookup; never concatenate it into the SQL text.
// NOTE(review): a credential without a NameID would cause a NullPointerException on this line.
- String userName = credential.getNameID().getValue();
- ArrayList<GrantedAuthority> roles = new ArrayList<GrantedAuthority>();
- try {
- // ... query sql data -> roles
- } catch (SQLException e) {
// NOTE(review): handler body is elided. If it only logs, a database failure still falls
// through to the return below and yields a user with whatever roles were collected so
// far; consider failing the login instead.
- //...
- }
// The four boolean arguments are enabled, accountNonExpired, credentialsNonExpired and
// accountNonLocked. All are hard-coded to true, so a User built here never reports
// itself as disabled, expired or locked.
- return new User(userName, "", true, true, true, true, roles);
- }