Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Tree: 2258699f5d
Branches Tags
spring-security
/
docs
/
modules
/
ROOT
/
pages
/
servlet
/
saml2
/
opensaml.adoc

opensaml.adoc 2.4 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. = OpenSAML Support
    2. 

  2. 

  3. Spring Security provides an API for implementing SAML 2.0 features, and it also provides a default implementation using OpenSAML.
    4. 

  4. 

  5. Because Spring Security supports more than one version of OpenSAML at the same time, the components use the following naming convention:
    6. 

  6. 

  7. * Any component that is usable across all supported versions is named `OpenSamlXXX`.
    8. 

  8. * Any component that targets OpenSAML 4.x is named `OpenSaml4XXX`
    9. 

  9. * Any component that targets OpenSAML 5.x is named `OpenSaml5XXX`
    10. 

  10. 

  11. `spring-security-config` selects between these implementations by default by discovering which version your application is currently using.
    12. 

  12. For example, if you are using OpenSAML 4, Spring Security will use the `OpenSaml4XXX` components.
    13. 

  13. 

  14. == Selecting OpenSAML 4
    15. 

  15. 

  16. Spring Security depends on OpenSAML 4 by default, so you need do nothing to begin using it other than importing the `spring-security-saml` dependency.
    17. 

  17. 

  18. == Selecting OpenSAML 5
    19. 

  19. 

  20. To use OpenSAML, you should override the `opensaml` dependencies as follows:
    21. 

  21. 

  22. [tabs]
    23. 

  23. ======
    24. 

  24. Maven::
    25. 

  25. +
    26. 

  26. [source,maven,role="primary"]
    27. 

  27. ----
    28. 

  28. <dependencies>
    29. 

  29.     <dependency>
    30. 

  30.         <groupId>org.springframework.security</groupId>
    31. 

  31.         <artifactId>spring-security-saml2-service-provider</artifactId>
    32. 

  32.         <exclusions>
    33. 

  33.             <exclusion>
    34. 

  34.                 <groupId>org.opensaml</groupId>
    35. 

  35.                 <artifactId>*</artifactId>
    36. 

  36.             </exclusion>
    37. 

  37.         </exclusions>
    38. 

  38.     </dependency>
    39. 

  39.     <dependency>
    40. 

  40.         <groupId>org.opensaml</groupId>
    41. 

  41.         <artifactId>opensaml-saml-api</artifactId>
    42. 

  42.         <version>5.1.2</version>
    43. 

  43.     </dependency>
    44. 

  44.     <dependency>
    45. 

  45.         <groupId>org.opensaml</groupId>
    46. 

  46.         <artifactId>opensaml-saml-impl</artifactId>
    47. 

  47.         <version>5.1.2</version>
    48. 

  48.     </dependency>
    49. 

  49. </dependencies>
    50. 

  50. ----
    51. 

  51. 

  52. Gradle::
    53. 

  53. +
    54. 

  54. [source,gradle,role="secondary"]
    55. 

  55. ----
    56. 

  56. dependencies {
    57. 

  57.     constraints {
    58. 

  58.         implementation "org.opensaml:opensaml-core-api:5.1.2"
    59. 

  59.         implementation "org.opensaml:opensaml-core-impl:5.1.2"
    60. 

  60.         implementation "org.opensaml:opensaml-saml-api:5.1.2"
    61. 

  61.         implementation "org.opensaml:opensaml-saml-impl:5.1.2"
    62. 

  62.     }
    63. 

  63. 

  64.     // ...
    65. 

  65. 

  66.     implementation ('org.springframework.security:spring-security-saml2-service-provider') {
    67. 

  67.         exclude group: "org.opensaml", module: "opensaml-core"
    68. 

  68.     }
    69. 

  69. 

  70.     // ...
    71. 

  71. }
    72. 

  72. ----
    73. 

  73. ======
    74. 

  74. 

  75. [NOTE]
    76. 

  76. The exclusion is necessary because OpenSAML 5 splits `opensaml-core` into `opensaml-core-api` and `opensaml-core-impl`
    77.