  1. SX Spring Security Extension
  2. SES-28

SAMLAuthenticationProvider should optionally create the AuthenticationToken with the principal containing the UserDetails

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Minor
    • Resolution: Complete
    • Affects Version/s: None
    • Fix Version/s: saml-1.0.0.RC1
    • Component/s: saml
    • Labels:
      None

      Description

      I wonder if it would be possible to extend the SAMLAuthenticationProvider so that it optionally would create the AuthenticationToken with the principal containing the UserDetails instead of the String representation of the username.

      This feature could be implemented like in the class
      org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider

      I have attached my suggestion for the SAMLAuthenticationProvider.

      Perhaps you could consider this.

      Anyway, I would like to thank you, Vladimir, for contributing your SAML Security Extension to the public.

      Martin

        Activity

        vsch Vladimir Schäfer added a comment -

        The AbstractUserDetailsAuthenticationProvider was modified to contain the method "protected Object getPrincipal(SAMLCredential credential, Object userDetail)", which by default returns the NameID from the SAML2 message (as before). You are now free to create the Principal in any format (and still keep it different from the UserDetails object) by overriding the method.

        The signature of the method "protected void processUserDetails(AbstractAuthenticationToken token, SAMLCredential credential)" was changed to "protected Object getUserDetails(SAMLCredential credential)".

        Hopefully this will solve your issue, Martin.

        V.
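
        An added example, not part of the original issue or the project's code: a subclass that uses the getPrincipal hook described in the comment above to put the UserDetails object into the token. It assumes the hook is available on SAMLAuthenticationProvider in the org.springframework.security.saml package; the class name is hypothetical. It goes slightly beyond the request by rejecting locally disabled, locked or expired accounts, in the spirit of the checks in the AbstractUserDetailsAuthenticationProvider class the reporter points to.

```java
import org.springframework.security.authentication.AccountExpiredException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.saml.SAMLAuthenticationProvider;
import org.springframework.security.saml.SAMLCredential;

/**
 * Hypothetical subclass (the name is an assumption of this example).
 * Returns the locally loaded UserDetails as the principal instead of
 * the NameID string, so downstream code can rely on a typed principal.
 */
public class UserDetailsPrincipalSAMLAuthenticationProvider extends SAMLAuthenticationProvider {

    @Override
    protected Object getPrincipal(SAMLCredential credential, Object userDetail) {
        // userDetail is whatever getUserDetails(credential) produced; it is
        // only a UserDetails if the configured user service returns one.
        if (userDetail instanceof UserDetails) {
            UserDetails user = (UserDetails) userDetail;
            requireUsableAccount(user);
            return user;
        }
        // No local account object: keep the default behaviour (NameID).
        return super.getPrincipal(credential, userDetail);
    }

    /**
     * A valid SAML assertion only proves what the IdP asserted. The local
     * account state is checked separately so that a disabled, locked or
     * expired local user is rejected instead of becoming the principal.
     */
    private void requireUsableAccount(UserDetails user) {
        if (!user.isAccountNonLocked()) {
            throw new LockedException("Local account is locked");
        }
        if (!user.isEnabled()) {
            throw new DisabledException("Local account is disabled");
        }
        if (!user.isAccountNonExpired()) {
            throw new AccountExpiredException("Local account has expired");
        }
    }
}
```

        Code that previously cast the principal to String must be updated once this provider is in place; Authentication.getName() continues to work for both principal types.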


          People

          • Assignee:
            vsch Vladimir Schäfer
            Reporter:
            mpr Martin Rösel
          • Votes:
            0
            Watchers:
            2
