Spring SAML-如何在SP HTTP请求上添加自定义字段?
我的服务提供商使用HTTP Post绑定将请求发送到IDP。我需要在表单中添加新字段。现在我正在发送“SAMLRequest”和“RelayState”,但我还需要发送“option”和“profile”,这些是我们的IDP所需要的字段。如何使用Spring Saml安全性实现这一点 您可以在SAMLSpring SAML-如何在SP HTTP请求上添加自定义字段?,spring,spring-security,saml,spring-saml,Spring,Spring Security,Saml,Spring Saml,我的服务提供商使用HTTP Post绑定将请求发送到IDP。我需要在表单中添加新字段。现在我正在发送“SAMLRequest”和“RelayState”,但我还需要发送“option”和“profile”,这些是我们的IDP所需要的字段。如何使用Spring Saml安全性实现这一点 您可以在SAMLAuthnRequest消息的Extensions元素中包含其他字段。为此,您需要重写类websoprofileimpl,并在securityContext.xml中配置新的实现类。Extensio
AuthnRequest
消息的Extensions
元素中包含其他字段。为此,您需要重写类websoprofileimpl
,并在securityContext.xml
中配置新的实现类。Extensions
元素可以构造如下:
package example;
import org.opensaml.common.SAMLException;
import org.opensaml.saml2.common.Extensions;
import org.opensaml.saml2.common.impl.ExtensionsBuilder;
import org.opensaml.saml2.core.AuthnRequest;
import org.opensaml.saml2.metadata.AssertionConsumerService;
import org.opensaml.saml2.metadata.SingleSignOnService;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.xml.schema.XSAny;
import org.opensaml.xml.schema.impl.XSAnyBuilder;
import org.springframework.security.saml.context.SAMLMessageContext;
import org.springframework.security.saml.metadata.MetadataManager;
import org.springframework.security.saml.processor.SAMLProcessor;
import org.springframework.security.saml.websso.WebSSOProfileImpl;
import org.springframework.security.saml.websso.WebSSOProfileOptions;
/**
* Customization of the AuthnRequest generation.
*/
public class WebSSOProfile extends WebSSOProfileImpl {
public WebSSOProfile() {
}
public WebSSOProfile(SAMLProcessor processor, MetadataManager manager) {
super(processor, manager);
}
@Override
protected AuthnRequest getAuthnRequest(SAMLMessageContext context, WebSSOProfileOptions options, AssertionConsumerService assertionConsumer, SingleSignOnService bindingService) throws SAMLException, MetadataProviderException {
AuthnRequest authnRequest = super.getAuthnRequest(context, options, assertionConsumer, bindingService);
authnRequest.setExtensions(buildExtensions());
return authnRequest;
}
protected Extensions buildExtensions() {
XSAny extraElement = new XSAnyBuilder().buildObject("urn:myexample:extraAttribute", "ExtraElement", "myexample");
extraElement.setTextContent("extraValue");
Extensions extensions = new ExtensionsBuilder().buildObject();
extensions.getUnknownXMLObjects().add(extraElement);
return extensions;
}
}
你知道如何在Grails应用程序中做到这一点吗?我需要重写websoprofileimpl.buildReturnAddress方法。