GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Document OpenSAML 4 vs OpenSAML 5 Support 

Closes gh-11658
pull/15531/head
Josh Cummings 1 year ago
parent
1da383b360
commit
96682a1d5c
No known key found for this signature in database
GPG Key ID: A306A51F43B8E5A5
1 changed files with 93 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 93
      docs/modules/ROOT/pages/servlet/saml2/opensaml.adoc

93
docs/modules/ROOT/pages/servlet/saml2/opensaml.adoc
Unescape View File

@ -0,0 +1,93 @@
= OpenSAML Support
Spring Security provides an API for implementing SAML 2.0 features, and it also provides a default implementation using OpenSAML.
Because Spring Security supports more than one version of OpenSAML at the same time, the components use the following naming convention:
* Any component that is usable across all supported versions is named `OpenSamlXXX`.
* Any component that targets OpenSAML 4.x is named `OpenSaml4XXX`
* Any component that targets OpenSAML 5.x is named `OpenSaml5XXX`
`spring-security-config` selects between these implementations by default by discovering which version your application is currently using.
For example, if you are using OpenSAML 4, Spring Security will use the `OpenSaml4XXX` components.
== Selecting OpenSAML 4
Spring Security depends on OpenSAML 4 by default, so you need do nothing to begin using it other than importing the `spring-security-saml` dependency.
== Selecting OpenSAML 5
To use OpenSAML, you should override the `opensaml` dependencies as follows:
[tabs]
======
Maven::
+
[source,maven,role="primary"]
----
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml-core-api</artifactId>
<version>5.1.2</version>
</depedency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml-core-impl</artifactId>
<version>5.1.2</version>
</depedency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml-saml-api</artifactId>
<version>5.1.2</version>
</depedency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml-saml-imple</artifactId>
<version>5.1.2</version>
</depedency>
</dependencies>
</dependencyManagement>
// ...
<dependencies>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-saml2-service-provider</artifactId>
<exclusions>
<exclusion>
<groupId>org.opensaml</groupId>
<artifactId>opensaml-core</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
----
Gradle::
+
[source,gradle,role="secondary"]
----
dependencies {
constraints {
implementation "org.opensaml:opensaml-core-api:5.1.2"
implementation "org.opensaml:opensaml-core-impl:5.1.2"
implementation "org.opensaml:opensaml-saml-api:5.1.2"
implementation "org.opensaml:opensaml-saml-impl:5.1.2"
}
// ...
implementation ('org.springframework.security:spring-security-saml2-service-provider') {
exclude group: "org.opensaml", module: "opensaml-core"
}
// ...
}
----
======
[NOTE]
The exclusion is necessary because OpenSAML 5 splits `opensaml-core` into `opensaml-core-api` and `opensaml-core-impl`
Write Preview
Loading…
Cancel
Save