Spring Security SAML DSL: непрерывные перенаправления - PullRequest
/ 15 апреля 2019

При запуске приложение Spring Boot выводит в журнал следующее:

2019-04-15 21:38:39.745  INFO 9532 --- [  restartedMain] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: Ant [pattern='/saml/login/**'], [tesco.finance.gss.remify.saml.SAMLDslEntryPoint@3e7e381]
2019-04-15 21:38:39.745  INFO 9532 --- [  restartedMain] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: Ant [pattern='/saml/logout/**'], [org.springframework.security.saml.SAMLLogoutFilter@61fba95]
2019-04-15 21:38:39.746  INFO 9532 --- [  restartedMain] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: Ant [pattern='/saml/metadata/**'], [org.springframework.security.saml.metadata.MetadataDisplayFilter@38303daa]
2019-04-15 21:38:39.746  INFO 9532 --- [  restartedMain] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: Ant [pattern='/remify/saml/SSOHoK/**'], [org.springframework.security.saml.SAMLProcessingFilter@1b07d54d]
2019-04-15 21:38:39.746  INFO 9532 --- [  restartedMain] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: Ant [pattern='/saml/SingleLogout/**'], [org.springframework.security.saml.SAMLLogoutProcessingFilter@2740d647]
2019-04-15 21:38:39.746  INFO 9532 --- [  restartedMain] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: Ant [pattern='/saml/discovery/**'], [org.springframework.security.saml.SAMLDiscovery@5cf00b28]

Конфигурация Http:

/**
 * Configures HTTP authorization rules and applies the SAML DSL configurer.
 *
 * <p>Requests matching {@code /saml/**} and {@code /remify/saml/SSOHoK/**} are permitted
 * without authentication; every other request requires an authenticated user. The SAML
 * configurer is then given the service provider settings (keystore, protocol, hostname,
 * base path, entity id) and the identity provider settings (metadata location, discovery).
 *
 * @param http the {@code HttpSecurity} builder to configure
 * @throws Exception declared by the method signature
 */
@Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                // The SAML endpoints are left open so the unauthenticated browser can reach them.
                .antMatchers("/saml/**").permitAll()
                // Not covered by "/saml/**" because of the "/remify" prefix, hence the separate matcher.
                // NOTE(review): presumably the assertion consumer endpoint; confirm this pattern matches
                // the path the servlet container actually dispatches (with or without a context path).
                .antMatchers("/remify/saml/SSOHoK/**").permitAll()
                .anyRequest().authenticated()
                .and()
            .apply(saml())
                .serviceProvider()
                    .keyStore()
                        .storeFilePath("classpath:keys/keystore.jks")
                        // NOTE(review): the keystore password and the key password are literals in
                        // source; prefer reading them from externalized configuration or a secret
                        // store so the signing key is not protected by a value kept in the repository.
                        .password("secret")
                        .keyname("remify")
                        .keyPassword("secret")
                        .and()
                    // NOTE(review): the service provider is declared as plain http. If these values
                    // are used to build the assertion consumer URL, the IdP's response is posted over
                    // an unencrypted channel unless TLS is terminated in front of the app; confirm.
                    .protocol("http")
                    // NOTE(review): the hostname carries an explicit ":80". Verify that the URL built
                    // from protocol/hostname/basePath is exactly the one registered at the IdP and the
                    // one the browser requests; a mismatch here is worth ruling out when the login
                    // flow keeps restarting.
                    .hostname("dvgssjensl001uk.dev.global.tesco.org:80")
                    .basePath("/")
                    .entityId("remify")
                    .and()
                .identityProvider()
                    // metadataUrl is defined outside this method.
                    .metadataFilePath(metadataUrl)
                    .discoveryEnabled(true)
                    .and();
    }

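Ниже приведены записи журнала, которые выводит SAMLDefaultLogger. В них каждые несколько секунд появляется новый AuthnRequest с новым ID, то есть аутентификация раз за разом начинается заново: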

<saml2p:AuthnRequest AssertionConsumerServiceURL="http://dvgssjensl001uk.dev.global.tesco.org:80/remify/saml/SSOHoK" Destination="https://loginppe.ourtesco.com/trust/saml2/http-redirect/sso/362584" ForceAuthn="false" ID="a3f854c0fa7g2fji11b7gbe7785e854" IsPassive="false" IssueInstant="2019-04-15T20:41:29.895Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"><saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">remify</saml2:Issuer></saml2p:AuthnRequest>;
2019-04-15 21:41:31.693  INFO 9532 --- [p-nio-80-exec-5] o.s.security.saml.log.SAMLDefaultLogger  : AuthNRequest;SUCCESS;192.168.29.236;remify;https://app-eu.onelogin.com/saml/metadata/09b2122c-2891-47d4-95e2-97587680404f;;<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest AssertionConsumerServiceURL="http://dvgssjensl001uk.dev.global.tesco.org:80/remify/saml/SSOHoK" Destination="https://loginppe.ourtesco.com/trust/saml2/http-redirect/sso/362584" ForceAuthn="false" ID="a1ga1gjh122ii47i29ifc183df50cgb" IsPassive="false" IssueInstant="2019-04-15T20:41:31.685Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"><saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">remify</saml2:Issuer></saml2p:AuthnRequest>;
2019-04-15 21:42:41.967  INFO 9532 --- [p-nio-80-exec-4] o.s.security.saml.log.SAMLDefaultLogger  : AuthNRequest;SUCCESS;192.168.29.236;remify;https://app-eu.onelogin.com/saml/metadata/09b2122c-2891-47d4-95e2-97587680404f;;<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest AssertionConsumerServiceURL="http://dvgssjensl001uk.dev.global.tesco.org:80/remify/saml/SSOHoK" Destination="https://loginppe.ourtesco.com/trust/saml2/http-redirect/sso/362584" ForceAuthn="false" ID="a27g7d815efa8f8a51ba878di7f7d4" IsPassive="false" IssueInstant="2019-04-15T20:42:41.958Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"><saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">remify</saml2:Issuer></saml2p:AuthnRequest>;
2019-04-15 21:42:44.265  INFO 9532 --- [p-nio-80-exec-5] o.s.security.saml.log.SAMLDefaultLogger  : AuthNRequest;SUCCESS;192.168.29.236;remify;https://app-eu.onelogin.com/saml/metadata/09b2122c-2891-47d4-95e2-97587680404f;;<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest AssertionConsumerServiceURL="http://dvgssjensl001uk.dev.global.tesco.org:80/remify/saml/SSOHoK" Destination="https://loginppe.ourtesco.com/trust/saml2/http-redirect/sso/362584" ForceAuthn="false" ID="a3ad2ic2eihdja821368fi88g7379jg" IsPassive="false" IssueInstant="2019-04-15T20:42:44.245Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"><saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">remify</saml2:Issuer></saml2p:AuthnRequest>;
2019-04-15 21:42:46.142  INFO 9532 --- [p-nio-80-exec-6] o.s.security.saml.log.SAMLDefaultLogger  : AuthNRequest;SUCCESS;192.168.29.236;remify;https://app-eu.onelogin.com/saml/metadata/09b2122c-2891-47d4-95e2-97587680404f;;<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest AssertionConsumerServiceURL="http://dvgssjensl001uk.dev.global.tesco.org:80/remify/saml/SSOHoK" Destination="https://loginppe.ourtesco.com/trust/saml2/http-redirect/sso/362584" ForceAuthn="false" ID="a2ab3h397ieb33j943ae056fi2gi36" IsPassive="false" IssueInstant="2019-04-15T20:42:46.134Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"><saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">remify</saml2:Issuer></saml2p:AuthnRequest>;
2019-04-15 21:42:48.423  INFO 9532 --- [p-nio-80-exec-7] o.s.security.saml.log.SAMLDefaultLogger  : AuthNRequest;SUCCESS;192.168.29.236;remify;https://app-eu.onelogin.com/saml/metadata/09b2122c-2891-47d4-95e2-97587680404f;;<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest AssertionConsumerServiceURL="http://dvgssjensl001uk.dev.global.tesco.org:80/remify/saml/SSOHoK" Destination="https://loginppe.ourtesco.com/trust/saml2/http-redirect/sso/362584" ForceAuthn="false" ID="a4cc456d6702001349ib74b19928g03" IsPassive="false" IssueInstant="2019-04-15T20:42:48.410Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"><saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">remify</saml2:Issuer></saml2p:AuthnRequest>;
...