Spring security 在SpringJava配置中注入文件
我正在尝试使用Spring的SAML扩展配置SAML身份验证。使用Spring security 在SpringJava配置中注入文件,spring-security,spring-saml,Spring Security,Spring Saml,我正在尝试使用Spring的SAML扩展配置SAML身份验证。使用Java配置以注释方式尝试时。我需要获取IDP元数据文件和SP元数据文件,以创建metadataManagerbean 以下是相关配置: @Bean(name="idpMetadata") public ExtendedMetadataDelegate idpMetaData(){ FilesystemMetadataProvider metadataProvider = null; try { m
Java配置IDP元数据文件SP元数据文件metadataManager@Bean(name="idpMetadata")
public ExtendedMetadataDelegate idpMetaData(){
FilesystemMetadataProvider metadataProvider = null;
try {
metadataProvider = new FilesystemMetadataProvider(idpMetadataFile);
metadataProvider.setParserPool(parserPool());
}
catch (MetadataProviderException e) {
e.printStackTrace();
}
ExtendedMetadataDelegate metaDataDelegate =
new ExtendedMetadataDelegate(metadataProvider, new ExtendedMetadata());
return metaDataDelegate;
}
@Bean(name="spMetadata")
public ExtendedMetadataDelegate spMetaData(){
FilesystemMetadataProvider metadataProvider = null;
try {
metadataProvider = new FilesystemMetadataProvider(spMetadataFile);
metadataProvider.setParserPool(parserPool());
}
catch (MetadataProviderException e) {
e.printStackTrace();
}
ExtendedMetadata extendedMetadata = new ExtendedMetadata();
extendedMetadata.setLocal(true);
extendedMetadata.setAlias("defaultAlias");
extendedMetadata.setSecurityProfile("metaiop");
extendedMetadata.setSslSecurityProfile("pkix");
extendedMetadata.setRequireArtifactResolveSigned(true);
extendedMetadata.setRequireLogoutRequestSigned(true);
extendedMetadata.setRequireLogoutResponseSigned(false);
extendedMetadata.setIdpDiscoveryEnabled(false);
ExtendedMetadataDelegate metaDataDelegate =
new ExtendedMetadataDelegate(metadataProvider, extendedMetadata);
return metaDataDelegate;
}
spMetadataFileidpmatadatafile请提供帮助。此代码在我自己的SP实现上运行良好:
@Bean
@Qualifier("yourMetadataProvider")
public ExtendedMetadataDelegate yourMetadataProvider()
throws MetadataProviderException, IOException {
String path = "<metadata_path>";
FilesystemMetadataProvider filesystemMetadataProvider = new FilesystemMetadataProvider(
new File(path));
filesystemMetadataProvider.setParserPool(parserPool());
ExtendedMetadataDelegate emd = new ExtendedMetadataDelegate(
filesystemMetadataProvider, new ExtendedMetadata());
// Your config
emd.setLocal(true);
emd.setAlias("defaultAlias");
emd.setSecurityProfile("metaiop");
emd.setSslSecurityProfile("pkix");
emd.setRequireArtifactResolveSigned(true);
emd.setRequireLogoutRequestSigned(true);
emd.setRequireLogoutResponseSigned(false);
emd.setIdpDiscoveryEnabled(false);
return emd;
}
@Bean
@限定符(“yourMetadataProvider”)
公共ExtendedMetadataDelegate yourMetadataProvider()
抛出MetadataProviderException、IOException{
字符串路径=”;
FilesystemMetadataProvider FilesystemMetadataProvider=新FilesystemMetadataProvider(
新文件(路径));
setParserPool(parserPool());
ExtendedMetadataDelegate emd=新的ExtendedMetadataDelegate(
filesystemMetadataProvider,新的ExtendedMetadata());
//你的配置
emd.setLocal(真);
emd.setAlias(“defaultAlias”);
emd.setSecurityProfile(“metaiop”);
emd.setSslSecurityProfile(“pkix”);
emd.SetRequiredActResolveSigned(真);
emd.setRequireLogoutRequestSigned(真);
emd.SetRequireLogoutResponsed(假);
emd.SetIdDiscoveryEnabled(错误);
返回emd;
}
设置元数据文件的路径时要小心。不清楚spMetadataFile和IDPMataFile是如何填充的,但您似乎可以自动连接ResourceLoader,并像ResourceLoader.getResource(“类路径:filepath”).getFile()一样使用它;获取文件。