Now, we will change (or rather, configure) our Spring Security configuration files, as follows:
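    import org.springframework.beans.factory.annotation.Value;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

    import static org.springframework.security.extensions.saml2.config.SAMLConfigurer.saml;

    @EnableWebSecurity
    @Configuration
    @EnableGlobalMethodSecurity(securedEnabled = true)
    public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {

        // Location of the identity provider metadata, read from the
        // security.saml2.metadata-url property
        @Value("${security.saml2.metadata-url}")
        String metadataUrl;

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                .authorizeRequests()
                    // SAML endpoints are open to unauthenticated requests;
                    // every other request requires authentication
                    .antMatchers("/saml/**").permitAll()
                    .anyRequest().authenticated()
                    .and()
                .apply(saml())
                    .serviceProvider()
                        // Service provider keystore; the passwords are
                        // string literals in this example
                        .keyStore()
                            .storeFilePath("saml/keystore.jks")
                            .password("secret")
                            .keyname("spring")
                            .keyPassword("secret")
                            .and()
                        .protocol("https")
                        .hostname("localhost:8443")
                        .basePath("/")
                        .and()
                    .identityProvider()
                        .metadataFilePath(metadataUrl)
                        .and();
        }
    }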
The file does not have to be modified in any way; it is good to go, with all of the setup done in the all-important configure method. The saml() method introduced in spring-security-saml-dsl-core makes the code very concise and easy to write. With this, you are almost done, and the final step is to create the keystore.
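The configuration above passes the keystore password and the key password as string literals. The variant below is an added example, not code from the original text: it makes the same DSL calls but injects both secrets with @Value, so they are resolved from the application's property sources instead of being compiled into the class. The class name and the property names saml.keystore.password and saml.key.password are assumptions chosen for illustration.

```java
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import static org.springframework.security.extensions.saml2.config.SAMLConfigurer.saml;

// Added example: same DSL calls as the configuration above, with the
// keystore secrets injected instead of written as literals.
@EnableWebSecurity
@Configuration
@EnableGlobalMethodSecurity(securedEnabled = true)
public class ExternalizedSamlSecurityConfig extends WebSecurityConfigurerAdapter {

    @Value("${security.saml2.metadata-url}")
    String metadataUrl;

    // Assumed property names (not from the original text).
    @Value("${saml.keystore.password}")
    String keyStorePassword;

    @Value("${saml.key.password}")
    String keyPassword;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers("/saml/**").permitAll()
                .anyRequest().authenticated()
                .and()
            .apply(saml())
                .serviceProvider()
                    .keyStore()
                        .storeFilePath("saml/keystore.jks")
                        .password(keyStorePassword)
                        .keyname("spring")
                        .keyPassword(keyPassword)
                        .and()
                    .protocol("https")
                    .hostname("localhost:8443")
                    .basePath("/")
                    .and()
                .identityProvider()
                    .metadataFilePath(metadataUrl)
                    .and();
    }
}
```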