
No IDP was configured error in app using spring-security-saml

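I am writing a web application using Spring Boot and Spring Security SAML, based on the sample code at https://github.com/vdenotaris/spring-boot-security-saml-sample. When I try to access a secured URL in the application, I get the following exception: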

org.opensaml.saml2.metadata.provider.MetadataProviderException: No IDP was configured, please update included metadata with at least one IDP

I am configuring the IDP as follows:

@Bean
@Qualifier("idp-wwu")
public ExtendedMetadataDelegate wwuExtendedMetadataProvider() throws MetadataProviderException {
    log.debug("Adding wwu IDP metadata provider");
    @SuppressWarnings({"deprecation"})
    HTTPMetadataProvider httpMetadataProvider = new HTTPMetadataProvider("https://sidp.wwu.edu/idp/profile/Metadata/SAML", 5000);
    httpMetadataProvider.setParserPool(parserPool());
    ExtendedMetadataDelegate extendedMetadataDelegate = new ExtendedMetadataDelegate(httpMetadataProvider, extendedMetadata());
    extendedMetadataDelegate.setMetadataTrustCheck(false);
    extendedMetadataDelegate.setMetadataRequireSignature(false);
    return extendedMetadataDelegate;
}

@Bean
@Qualifier("metadata")
public CachingMetadataManager metadata() throws MetadataProviderException {
    List<MetadataProvider> providers = new ArrayList<MetadataProvider>();
    providers.add(wwuExtendedMetadataProvider());
    log.debug("Added wwu IDP metadata provider");
    return new CachingMetadataManager(providers);
}

From the debug output, it appears that the IDP has been configured:

2015-01-20 09:08:07.097 DEBUG 50730 --- [ost-startStop-1] e.w.a.r.g.config.WebSecurityConfig       : Adding wwu IDP metadata provider
2015-01-20 09:08:07.131 DEBUG 50730 --- [ost-startStop-1] e.w.a.r.g.config.WebSecurityConfig       : Added wwu IDP metadata provider
2015-01-20 09:08:07.169 DEBUG 50730 --- [ost-startStop-1] o.s.s.saml.metadata.MetadataManager      : Creating metadata reload timer with interval 10000
2015-01-20 09:08:07.172 DEBUG 50730 --- [ost-startStop-1] o.s.s.saml.metadata.MetadataManager      : Clearing metadata cache
2015-01-20 09:08:07.172 DEBUG 50730 --- [ost-startStop-1] o.s.s.saml.metadata.MetadataManager      : Reloading metadata
2015-01-20 09:08:07.173 DEBUG 50730 --- [ost-startStop-1] o.s.s.saml.metadata.MetadataManager      : Refreshing metadata provider org.opensaml.saml2.metadata.provider.HTTPMetadataProvider@71728250
2015-01-20 09:08:07.173 DEBUG 50730 --- [ost-startStop-1] o.s.s.saml.metadata.MetadataManager      : Trust verification skipped for metadata provider org.opensaml.saml2.metadata.provider.HTTPMetadataProvider@71728250
2015-01-20 09:08:07.175 DEBUG 50730 --- [ost-startStop-1] o.s.s.saml.metadata.MetadataManager      : Created new trust manager for metadata provider org.opensaml.saml2.metadata.provider.HTTPMetadataProvider@71728250
2015-01-20 09:08:07.176 DEBUG 50730 --- [ost-startStop-1] o.s.s.saml.metadata.MetadataManager      : Adding signature filter
2015-01-20 09:08:07.176 DEBUG 50730 --- [ost-startStop-1] o.s.s.saml.metadata.MetadataManager      : Initializing extendedMetadataDelegate org.opensaml.saml2.metadata.provider.HTTPMetadataProvider@71728250
2015-01-20 09:08:07.176 DEBUG 50730 --- [ost-startStop-1] o.s.s.s.m.ExtendedMetadataDelegate       : Initializing delegate
2015-01-20 09:08:07.477  INFO 50730 --- [ost-startStop-1] .s.m.p.AbstractReloadingMetadataProvider : New metadata succesfully loaded for 'https://sidp.wwu.edu/idp/profile/Metadata/SAML'
2015-01-20 09:08:07.480  INFO 50730 --- [ost-startStop-1] .s.m.p.AbstractReloadingMetadataProvider : Next refresh cycle for metadata provider 'https://sidp.wwu.edu/idp/profile/Metadata/SAML' will occur on '2015-01-20T20:08:07.287Z' ('2015-01-20T12:08:07.287-08:00' local time)
2015-01-20 09:08:07.480 DEBUG 50730 --- [ost-startStop-1] o.s.s.saml.metadata.MetadataManager      : Initializing provider data org.opensaml.saml2.metadata.provider.HTTPMetadataProvider@71728250
2015-01-20 09:08:07.481 DEBUG 50730 --- [ost-startStop-1] o.s.s.saml.metadata.MetadataManager      : Found metadata EntityDescriptor with ID
2015-01-20 09:08:07.482 DEBUG 50730 --- [ost-startStop-1] o.s.s.saml.metadata.MetadataManager      : Remote entity https://sidp.wwu.edu/idp/shibboleth available
2015-01-20 09:08:07.483 DEBUG 50730 --- [ost-startStop-1] o.s.s.saml.metadata.MetadataManager      : Metadata provider was initialized org.opensaml.saml2.metadata.provider.HTTPMetadataProvider@71728250
2015-01-20 09:08:07.483 DEBUG 50730 --- [ost-startStop-1] o.s.s.saml.metadata.MetadataManager      : Reloading metadata was finished

What am I doing wrong?

I think the problem is in the metadata you are importing: it is incomplete. There is no IDPSSODescriptor element, so there is no IDP to import:

<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://sidp.wwu.edu/idp/shibboleth" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><ContactPerson contactType="other" xmlns:icmd="http://id.incommon.org/metadata"><GivenName>Linc Nesheim</GivenName><EmailAddress xmlns="urn:oasis:names:tc:SAML:2.0:metadata">linc.nesheim@wwu.edu</EmailAddress></ContactPerson></EntityDescriptor>
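
A pre-flight check for the condition the answer describes, as an added example (not code from the question, the answer, or spring-security-saml): it parses SAML metadata and lists the entities that actually declare an IDPSSODescriptor role. The class name, method name and sample entity IDs are assumptions made for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

// Hypothetical helper, not part of spring-security-saml or OpenSAML.
public class IdpMetadataCheck {
    static final String MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata";

    // Returns the entityID of every EntityDescriptor that carries an IDPSSODescriptor role.
    static List<String> findIdps(String xml) throws Exception {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);
        // Metadata comes from a remote party: refuse DOCTYPE so no entities are resolved.
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = factory.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));

        List<String> idps = new ArrayList<>();
        // Matches a single root EntityDescriptor as well as entries inside an EntitiesDescriptor.
        NodeList entities = doc.getElementsByTagNameNS(MD_NS, "EntityDescriptor");
        for (int i = 0; i < entities.getLength(); i++) {
            Element entity = (Element) entities.item(i);
            if (entity.getElementsByTagNameNS(MD_NS, "IDPSSODescriptor").getLength() > 0) {
                idps.add(entity.getAttribute("entityID"));
            }
        }
        return idps;
    }

    public static void main(String[] args) throws Exception {
        // Constructed samples: the first has the same shape as the metadata quoted above
        // (contact details only); the second adds a minimal IDPSSODescriptor role.
        String contactOnly = "<EntityDescriptor xmlns=\"" + MD_NS + "\" entityID=\"https://idp.example.org/a\">"
                + "<ContactPerson contactType=\"other\"><GivenName>Sample</GivenName></ContactPerson>"
                + "</EntityDescriptor>";
        String withIdpRole = "<EntityDescriptor xmlns=\"" + MD_NS + "\" entityID=\"https://idp.example.org/b\">"
                + "<IDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">"
                + "<SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\""
                + " Location=\"https://idp.example.org/b/sso\"/>"
                + "</IDPSSODescriptor></EntityDescriptor>";
        System.out.println("contact-only metadata, IDPs found: " + findIdps(contactOnly));
        System.out.println("metadata with IDP role, IDPs found: " + findIdps(withIdpRole));
    }
}
```

An empty list for the first sample corresponds to the situation in the question: the metadata loads and the remote entity is logged as available, but no IDP role exists for the library to select.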
