GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Update shouldConvertGetRequests Migration Steps 

Issue gh-17099
pull/17202/merge
Josh Cummings 7 months ago
parent
f73f253beb
commit
492444c588
No known key found for this signature in database
GPG Key ID: 869B37A20E876129
1 changed files with 6 additions and 8 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 14
      docs/modules/ROOT/pages/migration/servlet/oauth2.adoc

14
docs/modules/ROOT/pages/migration/servlet/oauth2.adoc
Unescape View File

@ -83,9 +83,9 @@ fun jwtDecoder(): JwtDecoder { @@ -83,9 +83,9 @@ fun jwtDecoder(): JwtDecoder {
Spring Security does not support processing `<saml2:Response>` payloads over GET as this is not supported by the SAML 2.0 spec.
To better comply with this, `Saml2AuthenticationTokenConverter` will not process GET requests by default as of Spring Security 8.
To better comply with this, `Saml2AuthenticationTokenConverter`, `OpenSaml4AuthenticationTokenConverter`, and `OpenSaml5AuthenticationTokenConverter` will not process GET requests by default as of Spring Security 8.
To prepare for this, the property `shouldConvertGetRequests` is available.
To use it, publish your own `Saml2AuthenticationTokenConverter` like so:
To use it, publish your own converter like so:
[tabs]
======
@ -94,9 +94,8 @@ Java:: @@ -94,9 +94,8 @@ Java::
[source,java,role="primary"]
----
@Bean
Saml2AuthenticationTokenConverter authenticationConverter(RelyingPartyRegistrationRepository registrations) {
Saml2AuhenticationTokenConverter authenticationConverter = new Saml2AuthenticationTokenConverter(
new DefaultRelyingPartyRegistrationResolver(registrations));
OpenSaml5AuthenticationTokenConverter authenticationConverter(RelyingPartyRegistrationRepository registrations) {
OpenSaml5AuthenticationTokenConverter authenticationConverter = new OpenSaml5AuthenticationTokenConverter(registrations);
authenticationConverter.setShouldConvertGetRequests(false);
return authenticationConverter;
}
@ -108,12 +107,11 @@ Kotlin:: @@ -108,12 +107,11 @@ Kotlin::
----
@Bean
fun authenticationConverter(val registrations: RelyingPartyRegistrationRepository): Saml2AuthenticationTokenConverter {
val authenticationConverter = new Saml2AuthenticationTokenConverter(
DefaultRelyingPartyRegistrationResolver(registrations))
val authenticationConverter = Saml2AuthenticationTokenConverter(registrations)
authenticationConverter.setShouldConvertGetRequests(false)
return authenticationConverter
}
----
======
If you must continue using `Saml2AuthenticationTokenConverter` to process GET requests, you can call `setShouldConvertGetRequests` to `true.`
If you must continue using `Saml2AuthenticationTokenConverter`, `OpenSaml4AuthenticationTokenConverter`, or `OpenSaml5AuthenticationTokenConverter` to process GET requests, you can call `setShouldConvertGetRequests` to `true.`

Write Preview
Loading…
Cancel
Save