我有一个简单的 Springboot 3.1.2 应用程序,使用 SAML2 使用 okta 作为身份提供程序。
我的安全配置是:
@Bean
public SecurityFilterChain filterChain(HttpSecurity http, SuezGebruikersService suezGebruikersService) throws Exception {
OpenSaml4AuthenticationProvider authenticationProvider = new OpenSaml4AuthenticationProvider();
authenticationProvider.setResponseAuthenticationConverter((Converter<ResponseToken, Saml2Authentication>) responseToken -> {
Assertion assertion = CollectionUtils.firstElement(responseToken.getResponse().getAssertions());
Map<String, List<Object>> attributes = getAssertionAttributes(assertion);
int cprid = -1;
if (attributes.get("cprid") != null && attributes.get("cprid").size() == 1) {
cprid = Integer.parseInt((String) attributes.get("cprid").get(0));
}
SuezGebruiker principal = (SuezGebruiker) suezGebruikersService.getUserRights(cprid, attributes);
return new Saml2Authentication(principal, responseToken.getToken().getSaml2Response(), principal.getAuthorities());
});
authenticationProvider.setAssertionValidator(OpenSaml4AuthenticationProvider.createDefaultAssertionValidator());
DefaultRelyingPartyRegistrationResolver relyingPartyRegistrationResolver = new DefaultRelyingPartyRegistrationResolver(this.relyingPartyRegistrationRepository);
Saml2MetadataFilter filter = new Saml2MetadataFilter(relyingPartyRegistrationResolver, new OpenSamlMetadataResolver());
return http.authorizeHttpRequests(authorize -> authorize.anyRequest().authenticated())
.saml2Login((saml2 -> saml2.authenticationManager(new ProviderManager(authenticationProvider))))
.saml2Logout(withDefaults())
.addFilterBefore(filter, Saml2WebSsoAuthenticationFilter.class)
.addFilterAfter(switchUserFilter(suezGebruikersService), AuthorizationFilter.class)
.build();
}
登录 okta 并返回服务提供商后,我得到:
No relying party registration found
我不知道是什么导致了错误。
它是在我的 okta 配置中还是在我的 Springboot 应用程序中?
有人可以给我提示从哪里开始吗?
您成功解决这个问题了吗?我遇到了类似的错误,非常感谢您提供的任何指导。