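I am trying to configure SAML authentication using Spring's SAML extension. I am attempting this with annotation-based Java Configuration. I need to get the IDP metadata file and the SP metadata file to create the metadataManager bean.

Here is the relevant configuration: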

    @Bean(name="idpMetadata")
    public ExtendedMetadataDelegate idpMetaData(){
        FilesystemMetadataProvider metadataProvider = null;
        try {
            metadataProvider = new FilesystemMetadataProvider(idpMetadataFile);
            metadataProvider.setParserPool(parserPool());
        }
        catch (MetadataProviderException e) {
            e.printStackTrace();
        }
        ExtendedMetadataDelegate metaDataDelegate =
                new ExtendedMetadataDelegate(metadataProvider, new ExtendedMetadata());
        return metaDataDelegate;
    }

    @Bean(name="spMetadata")
    public ExtendedMetadataDelegate spMetaData(){
        FilesystemMetadataProvider metadataProvider = null;
        try {
            metadataProvider = new FilesystemMetadataProvider(spMetadataFile);
            metadataProvider.setParserPool(parserPool());
        }
        catch (MetadataProviderException e) {
            e.printStackTrace();
        }
        ExtendedMetadata extendedMetadata = new ExtendedMetadata();
        extendedMetadata.setLocal(true);
        extendedMetadata.setAlias("defaultAlias");
        extendedMetadata.setSecurityProfile("metaiop");
        extendedMetadata.setSslSecurityProfile("pkix");
        extendedMetadata.setRequireArtifactResolveSigned(true);
        extendedMetadata.setRequireLogoutRequestSigned(true);
        extendedMetadata.setRequireLogoutResponseSigned(false);
        extendedMetadata.setIdpDiscoveryEnabled(false);
        ExtendedMetadataDelegate metaDataDelegate =
                new ExtendedMetadataDelegate(metadataProvider, extendedMetadata);
        return metaDataDelegate;
    }

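My problem is that I cannot get the file contents here: spMetadataFile and idpMetadataFile are null. I don't know how to inject or remove these files if they are stored in the project's classpath.

Please help.
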
Answer 0 (score: 0)

This code works for my own SP implementation:

    @Bean
    @Qualifier("yourMetadataProvider")
    public ExtendedMetadataDelegate yourMetadataProvider()
            throws MetadataProviderException, IOException {
        String path = "<metadata_path>";
        FilesystemMetadataProvider filesystemMetadataProvider = new FilesystemMetadataProvider(
                new File(path));
        filesystemMetadataProvider.setParserPool(parserPool());
        // Your config (these setters are defined on ExtendedMetadata, not on the delegate)
        ExtendedMetadata extendedMetadata = new ExtendedMetadata();
        extendedMetadata.setLocal(true);
        extendedMetadata.setAlias("defaultAlias");
        extendedMetadata.setSecurityProfile("metaiop");
        extendedMetadata.setSslSecurityProfile("pkix");
        extendedMetadata.setRequireArtifactResolveSigned(true);
        extendedMetadata.setRequireLogoutRequestSigned(true);
        extendedMetadata.setRequireLogoutResponseSigned(false);
        extendedMetadata.setIdpDiscoveryEnabled(false);
        return new ExtendedMetadataDelegate(filesystemMetadataProvider, extendedMetadata);
    }

Be careful when setting the path to the metadata file.
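
For the classpath case raised in the question, an added example (not code from the question or the answer above): it loads the IdP metadata through OpenSAML's ClasspathResource, so it also works when the file is packaged inside a JAR, and it lets a missing or unreadable file fail application startup instead of handing a null provider to the delegate. The resource path `/saml/idp-metadata.xml`, the class name and the timer bean are assumptions for illustration.

```java
import java.util.Timer;

import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.saml2.metadata.provider.ResourceBackedMetadataProvider;
import org.opensaml.util.resource.ClasspathResource;
import org.opensaml.util.resource.ResourceException;
import org.opensaml.xml.parse.StaticBasicParserPool;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.saml.metadata.ExtendedMetadata;
import org.springframework.security.saml.metadata.ExtendedMetadataDelegate;

@Configuration
public class ClasspathMetadataConfig {

    // Assumed location under src/main/resources; adjust to your project.
    private static final String IDP_METADATA = "/saml/idp-metadata.xml";

    // Parser pool used by the metadata provider; Spring calls initialize() on it.
    @Bean(initMethod = "initialize")
    public StaticBasicParserPool parserPool() {
        return new StaticBasicParserPool();
    }

    // Daemon timer the provider uses for its background metadata refresh.
    @Bean(destroyMethod = "cancel")
    public Timer metadataReloadTimer() {
        return new Timer("saml-metadata-reload", true);
    }

    @Bean(name = "idpMetadata")
    public ExtendedMetadataDelegate idpMetadata()
            throws MetadataProviderException, ResourceException {
        // ClasspathResource throws ResourceException when the path does not exist,
        // so a wrong path stops startup rather than producing a null provider.
        ResourceBackedMetadataProvider provider = new ResourceBackedMetadataProvider(
                metadataReloadTimer(), new ClasspathResource(IDP_METADATA));
        provider.setParserPool(parserPool());
        return new ExtendedMetadataDelegate(provider, new ExtendedMetadata());
    }
}
```

The SP metadata bean follows the same pattern, passing an ExtendedMetadata instance configured as in the question.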