0
votes

I'm currently reading this article on how to set up SAML with Spring Boot applications.

I followed all the steps and I just changed the Single Sign On URL from "https://localhost:8443/saml/SSO" to "https://localhost:8443/mycompanysaml/SSO".

When I run the application, I see no errors in the IDE console, but the Okta login page doesn't show in the browser. I get the following message: [image: Error message in the browser]

And the stack trace for the message in the console is the following:

2017-11-03 15:21:23.991  INFO 50013 --- [nio-8443-exec-7] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring FrameworkServlet 'dispatcherServlet'
2017-11-03 15:21:23.991  INFO 50013 --- [nio-8443-exec-7] o.s.web.servlet.DispatcherServlet        : FrameworkServlet 'dispatcherServlet': initialization started
2017-11-03 15:21:24.006  INFO 50013 --- [nio-8443-exec-7] o.s.web.servlet.DispatcherServlet        : FrameworkServlet 'dispatcherServlet': initialization completed in 15 ms
2017-11-03 15:21:24.021  INFO 50013 --- [nio-8443-exec-7] o.s.s.s.m.MetadataGeneratorFilter        : No default metadata configured, generating with default values, please pre-configure metadata for production use
2017-11-03 15:21:24.060  INFO 50013 --- [nio-8443-exec-7] o.s.s.s.m.MetadataGeneratorFilter        : Created default metadata for system with entityID: https://localhost:8443/saml/metadata
2017-11-03 15:21:24.708  INFO 50013 --- [nio-8443-exec-7] .s.m.p.AbstractReloadingMetadataProvider : New metadata succesfully loaded for 'https://dev-531605.oktapreview.com/app/exkcp2fsptqmfDGtf0h7/sso/saml/metadata'
2017-11-03 15:21:24.720  INFO 50013 --- [nio-8443-exec-7] .s.m.p.AbstractReloadingMetadataProvider : Next refresh cycle for metadata provider 'https://dev-531605.oktapreview.com/app/exkcp2fsptqmfDGtf0h7/sso/saml/metadata' will occur on '2017-11-04T01:21:24.240Z' ('2017-11-03T18:21:24.240-07:00' local time)
2017-11-03 15:21:24.865  INFO 50013 --- [io-8443-exec-10] o.s.security.saml.log.SAMLDefaultLogger  : AuthNRequest;SUCCESS;0:0:0:0:0:0:0:1;https://localhost:8443/saml/metadata;http://www.okta.com/exkcp2fsptqmfDGtf0h7;;;

Could someone please explain to me what is going on? Is it because I changed the Single Sign On URL to my own? It shouldn't be a problem, right?

Thanks in advance for your help. G.

1
Yes, I believe it's because you changed the URL. https://localhost:8443/saml/SSO is the URL that Spring Security expects you to use - I'm not sure you can change it. – Matt Raible
@MattRaible How long is the session when you logged in? – yimson
@MattRaible I changed the URL and it worked. But I really want to understand why we can't change that URL. – yimson

1 Answer

0
votes

The configuration that you set up for SAML in your application will have one Spring Security filter related to SAML, where you have added the filters.

So if you want to change the SSO URL, you will have to change the URLs in the filters declared in the config file.

The application that you are referring to is using the default configuration.

For more info, check this: http://www.sylvainlemoine.com/2016/06/06/spring-saml2.0-websso-and-jwt-for-mobile-api/
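To make the answer concrete, here is an added example (not code from the question, the answer, or the linked articles) of what "change the URLs in the filters" means with the classic Spring Security SAML extension (spring-security-saml2-core 1.0.x, an assumption; the Okta DSL used by the tutorial hides this wiring). Three places must agree on the SSO path: the SAMLProcessingFilter's processing URL, the request matcher that routes the request to that filter, and the AssertionConsumerService location in the SP metadata the MetadataGenerator publishes. The log line "No default metadata configured, generating with default values" shows the generator falling back to the default /saml/SSO, so the generated SP metadata still advertised the old path even though Okta was told to post to /mycompanysaml/SSO. The class, bean and constant names below are hypothetical.

```java
import java.util.ArrayList;
import java.util.List;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.saml.SAMLProcessingFilter;
import org.springframework.security.saml.metadata.MetadataGenerator;
import org.springframework.security.saml.metadata.MetadataGeneratorFilter;
import org.springframework.security.web.DefaultSecurityFilterChain;
import org.springframework.security.web.FilterChainProxy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

/**
 * Hypothetical configuration class (added example, not from the original page).
 * It assumes spring-security-saml2-core 1.0.x and a Spring Boot app served at
 * https://localhost:8443, matching the URLs in the question.
 */
@Configuration
public class SamlSsoUrlConfig extends WebSecurityConfigurerAdapter {

    // The one place the custom path is defined. Every bean below derives from it,
    // so the filter, the routing matcher and the published metadata cannot drift apart.
    // The library default is SAMLProcessingFilter.FILTER_URL ("/saml/SSO").
    static final String SSO_PATH = "/mycompanysaml/SSO";

    static final String ENTITY_BASE_URL = "https://localhost:8443";           // assumption
    static final String ENTITY_ID       = ENTITY_BASE_URL + "/saml/metadata"; // as in the log

    /** The filter that consumes the SAML Response Okta POSTs back. */
    @Bean
    public SAMLProcessingFilter samlWebSSOProcessingFilter() throws Exception {
        SAMLProcessingFilter filter = new SAMLProcessingFilter();
        // 1) Make the filter accept the custom path instead of /saml/SSO.
        filter.setFilterProcessesUrl(SSO_PATH);
        filter.setAuthenticationManager(authenticationManager());
        filter.setAuthenticationSuccessHandler(new SavedRequestAwareAuthenticationSuccessHandler());
        filter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler("/error"));
        return filter;
    }

    /** Generates the SP metadata that is served at /saml/metadata and uploaded to Okta. */
    @Bean
    public MetadataGenerator metadataGenerator() throws Exception {
        MetadataGenerator generator = new MetadataGenerator();
        generator.setEntityId(ENTITY_ID);
        generator.setEntityBaseURL(ENTITY_BASE_URL);
        // 2) Hand the SSO filter to the generator so the AssertionConsumerService
        //    Location in the metadata becomes ENTITY_BASE_URL + SSO_PATH. Without this
        //    the generator falls back to the default /saml/SSO, which is exactly what
        //    "generating with default values" in the question's log means.
        generator.setSamlWebSSOFilter(samlWebSSOProcessingFilter());
        return generator;
    }

    @Bean
    public MetadataGeneratorFilter metadataGeneratorFilter() throws Exception {
        return new MetadataGeneratorFilter(metadataGenerator());
    }

    /** Routes requests on the custom path to the SSO filter. */
    @Bean
    public FilterChainProxy samlFilterChain() throws Exception {
        List<SecurityFilterChain> chains = new ArrayList<>();
        // 3) The matcher must use the same path, or the POST from Okta never reaches
        //    the filter and the request falls through to the rest of the app.
        chains.add(new DefaultSecurityFilterChain(
                new AntPathRequestMatcher(SSO_PATH + "/**"),
                samlWebSSOProcessingFilter()));
        return new FilterChainProxy(chains);
    }
}
```

The check that matters after such a change: fetch the SP metadata the app now serves (the entityID URL from the log, https://localhost:8443/saml/metadata) and confirm that the AssertionConsumerService Location is the same string as the Single Sign On URL configured in the Okta application. The consumer side of the extension (WebSSOProfileConsumerImpl) verifies the Response's Destination and the SubjectConfirmationData Recipient against the endpoint it finds in the SP's own metadata for the URL the message arrived on; that verification is what stops an assertion issued for one ACS from being replayed to another, so a path that exists in the filter but not in the metadata (or the reverse) is rejected rather than silently accepted.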