Spring security Spring Security多重身份验证提供程序无法访问第二个
我有一个使用Spring Security的应用程序,它使用的是自定义身份验证提供程序。我现在需要在混合中添加一个SAML IDP。因此,我启动并运行了示例SAML应用程序,并使用该安全上下文作为基础。我对经理的定义如下:Spring security Spring Security多重身份验证提供程序无法访问第二个,spring-security,saml,spring-saml,Spring Security,Saml,Spring Saml,我有一个使用Spring Security的应用程序,它使用的是自定义身份验证提供程序。我现在需要在混合中添加一个SAML IDP。因此,我启动并运行了示例SAML应用程序,并使用该安全上下文作为基础。我对经理的定义如下: <security:authentication-manager alias="authenticationManager"> <security:authentication-provider ref="myAuthenticationProvi
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="myAuthenticationProvider" />
<security:authentication-provider ref="samlAuthenticationProvider"/>
</security:authentication-manager>
我已经阅读了几次文档,它似乎表明这是可以做到的,但我没有看到一个例子。有人举过使用SAML和基本身份验证的例子吗?我认为您不需要为新的IDP添加额外的身份验证提供程序。你只需要添加一个新的??在您的CachingMetadataManager Bean中。在示例应用程序中提供的securityContext.xml中:
<!-- IDP Metadata configuration - paths to metadata of IDPs in circle of trust is here -->
<bean id="metadata" class="org.springframework.security.saml.metadata.CachingMetadataManager">
<constructor-arg>
<list>
<!-- Example of classpath metadata with Extended Metadata -->
<bean class="org.springframework.security.saml.metadata.ExtendedMetadataDelegate">
<constructor-arg>
<bean class="org.opensaml.saml2.metadata.provider.ResourceBackedMetadataProvider">
<constructor-arg>
<bean class="java.util.Timer"/>
</constructor-arg>
<constructor-arg>
<bean class="org.opensaml.util.resource.ClasspathResource">
<constructor-arg value="/metadata/idp.xml"/>
</bean>
</constructor-arg>
<property name="parserPool" ref="parserPool"/>
</bean>
</constructor-arg>
<constructor-arg>
<bean class="org.springframework.security.saml.metadata.ExtendedMetadata">
</bean>
</constructor-arg>
</bean>
<!-- Example of HTTP metadata without Extended Metadata -->
<bean class="org.opensaml.saml2.metadata.provider.HTTPMetadataProvider">
<!-- URL containing the metadata -->
<constructor-arg>
<value type="java.lang.String">http://idp.ssocircle.com/idp-meta.xml</value>
</constructor-arg>
<!-- Timeout for metadata loading in ms -->
<constructor-arg>
<value type="int">15000</value>
</constructor-arg>
<property name="parserPool" ref="parserPool"/>
</bean>
<!-- Example of file system metadata without Extended Metadata -->
<bean class="org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider">
<constructor-arg>
<value type="java.io.File">/usr/local/metadata/idp.xml</value>
</constructor-arg>
<property name="parserPool" ref="parserPool"/>
</bean>
</list>
</constructor-arg>
</bean>
http://idp.ssocircle.com/idp-meta.xml
15000
/usr/local/metadata/idp.xml
如果取消注释列表中的第二个bean,它将启用在
/usr/local/metadata/IDP.xml<!-- IDP Metadata configuration - paths to metadata of IDPs in circle of trust is here -->
<bean id="metadata" class="org.springframework.security.saml.metadata.CachingMetadataManager">
<constructor-arg>
<list>
<!-- Example of classpath metadata with Extended Metadata -->
<bean class="org.springframework.security.saml.metadata.ExtendedMetadataDelegate">
<constructor-arg>
<bean class="org.opensaml.saml2.metadata.provider.ResourceBackedMetadataProvider">
<constructor-arg>
<bean class="java.util.Timer"/>
</constructor-arg>
<constructor-arg>
<bean class="org.opensaml.util.resource.ClasspathResource">
<constructor-arg value="/metadata/idp.xml"/>
</bean>
</constructor-arg>
<property name="parserPool" ref="parserPool"/>
</bean>
</constructor-arg>
<constructor-arg>
<bean class="org.springframework.security.saml.metadata.ExtendedMetadata">
</bean>
</constructor-arg>
</bean>
<!-- Example of HTTP metadata without Extended Metadata -->
<bean class="org.opensaml.saml2.metadata.provider.HTTPMetadataProvider">
<!-- URL containing the metadata -->
<constructor-arg>
<value type="java.lang.String">http://idp.ssocircle.com/idp-meta.xml</value>
</constructor-arg>
<!-- Timeout for metadata loading in ms -->
<constructor-arg>
<value type="int">15000</value>
</constructor-arg>
<property name="parserPool" ref="parserPool"/>
</bean>
<!-- Example of file system metadata without Extended Metadata -->
<bean class="org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider">
<constructor-arg>
<value type="java.io.File">/usr/local/metadata/idp.xml</value>
</constructor-arg>
<property name="parserPool" ref="parserPool"/>
</bean>
</list>
</constructor-arg>
</bean>
http://idp.ssocircle.com/idp-meta.xml
15000
/usr/local/metadata/idp.xml
如果取消注释列表中的第二个bean,它将启用在
/usr/local/metadata/IDP.xml