java - SAML Authentication with Spring security (Spring Boot)

Question

Hi I am trying to include saml authentication with springboot application and I face an issue. When I try to submit post method after authentication it redirects to saml auth url and comeback to my application and then the actual post request is gone. I want to add some data to DB via post method and when I try to submit my post it gets redirects to to SAML third part auth provider and authorizes the request and then comes back to the my app with default redirect url, Now my post request is gone and its not being hit to the actual controller.

Adding my code below:

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.saml.SAMLCredential;
import org.springframework.security.saml.websso.WebSSOProfileOptions;

import static org.springframework.security.extensions.saml2.config.SAMLConfigurer.saml;

@EnableWebSecurity
@Configuration
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter{
    
    @Value("${security.saml2.metadata-url}")
    String metadataUrl;

    @Value("${server.ssl.key-alias}")
    String keyAlias;

    @Value("${server.ssl.key-store-password}")
    String password;

    @Value("${server.port}")
    String port;

    @Value("${server.ssl.key-store}")
    String keyStoreFilePath;
    
    @Value("${server.hostname}")
    String hostname;
    
    @Value("${server.protocol}")
    String protocol;

    @Override
    protected void configure(final HttpSecurity http) throws Exception {
        http.headers().frameOptions().sameOrigin();
        http.authorizeRequests()
                .antMatchers("/saml*").permitAll()
                .anyRequest().authenticated()
                .and()
            .apply(saml())
                .serviceProvider()
                    .keyStore()
                        .storeFilePath(this.keyStoreFilePath)
                        .password(this.password)
                        .keyname(this.keyAlias)
                        .keyPassword(this.password)
                        .and()
                    .protocol(this.protocol)
                    .hostname(String.format("%s:%s", this.hostname, this.port))
                    .basePath("/")
                    .and()
                .identityProvider()
                .metadataFilePath(this.metadataUrl);
    }
    

}

question from:https://stackoverflow.com/questions/65831036/saml-authentication-with-spring-security-spring-boot

Answer 1

Waitting for answers