I have a Spring application already using Spring Security with a local store of users. I want to also allow an IDP login via a SAML assertion, but only for people who already have an account with my application.
1) Can I configure Spring Security to optionally use a SAML authentication provider OR an LDAP authentication provider?
2) When someone authenticates via SAML, can I populate their session principal with information from the local user store?
3) Finally, can I do this through Spring configuration, or do I need to do it programmatically?