Home Esplora Aiuto
Registrati Accedi
github
/
spring-security
mirror da https://github.com/spring-projects/spring-security
2
0
Forka 0
File Problemi 0 Wiki
Sfoglia il codice sorgente

Update shouldConvertGetRequests Migration Steps

Issue gh-17099
Josh Cummings 2 mesi fa
parent
f73f253beb
commit
492444c588
1 ha cambiato i file con 6 aggiunte e 8 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 6 8
      docs/modules/ROOT/pages/migration/servlet/oauth2.adoc

+ 6 - 8
docs/modules/ROOT/pages/migration/servlet/oauth2.adoc
Vedi File 

@@ -83,9 +83,9 @@ fun jwtDecoder(): JwtDecoder {
 
 
 Spring Security does not support processing `<saml2:Response>` payloads over GET as this is not supported by the SAML 2.0 spec.
 
 
-To better comply with this, `Saml2AuthenticationTokenConverter` will not process GET requests by default as of Spring Security 8.
 
+To better comply with this, `Saml2AuthenticationTokenConverter`, `OpenSaml4AuthenticationTokenConverter`, and `OpenSaml5AuthenticationTokenConverter` will not process GET requests by default as of Spring Security 8.
 
 To prepare for this, the property `shouldConvertGetRequests` is available.
 
-To use it, publish your own `Saml2AuthenticationTokenConverter` like so:
 
+To use it, publish your own converter like so:
 
 
 [tabs]
 
 ======
 
@@ -94,9 +94,8 @@ Java::
 
 [source,java,role="primary"]
 
 ----
 
 @Bean
 
-Saml2AuthenticationTokenConverter authenticationConverter(RelyingPartyRegistrationRepository registrations) {
 
-	Saml2AuhenticationTokenConverter authenticationConverter = new Saml2AuthenticationTokenConverter(
 
-		new DefaultRelyingPartyRegistrationResolver(registrations));
 
+OpenSaml5AuthenticationTokenConverter authenticationConverter(RelyingPartyRegistrationRepository registrations) {
 
+	OpenSaml5AuthenticationTokenConverter authenticationConverter = new OpenSaml5AuthenticationTokenConverter(registrations);
 
 	authenticationConverter.setShouldConvertGetRequests(false);
 
 	return authenticationConverter;
 
 }
 
@@ -108,12 +107,11 @@ Kotlin::
 
 ----
 
 @Bean
 
 fun authenticationConverter(val registrations: RelyingPartyRegistrationRepository): Saml2AuthenticationTokenConverter {
 
-	val authenticationConverter = new Saml2AuthenticationTokenConverter(
 
-        DefaultRelyingPartyRegistrationResolver(registrations))
 
+	val authenticationConverter = Saml2AuthenticationTokenConverter(registrations)
 
 	authenticationConverter.setShouldConvertGetRequests(false)
 
 	return authenticationConverter
 
 }
 
 ----
 
 ======
 
 
-If you must continue using `Saml2AuthenticationTokenConverter` to process GET requests, you can call `setShouldConvertGetRequests` to `true.`
 
+If you must continue using `Saml2AuthenticationTokenConverter`, `OpenSaml4AuthenticationTokenConverter`, or `OpenSaml5AuthenticationTokenConverter` to process GET requests, you can call `setShouldConvertGetRequests` to `true.`