pateluday07 / saml-sso-and-slo-demo-idp-azure-sp-springboot Goto Github PK

@pateluday07

THank you for the sample but when login page opens and you submit valid credential not not even calling backend

I have this question for you:

Is it possible to use Azure AD as iDP for external application coming from the Gallery or even configured manually when you use AD Connect with ADFS On-Premises?

To make if clear, we do not use Password Hashes or passthrough with SSO but Federated services with our AD Connect On-Premises (no user data stored in the cloud).

Thanks in advance,

Kind Regards,

Hi Uday,
Thank you for sharing the knowledge and sharing the code. I followed the instruction and able to run your code properly. But inactivity of the 2-hour request redirect to "http://localhost:8080/saml/SSO" ANd on the backend, I am getting this error:

authentication.CredentialsExpiredException: Authentication statement is too old to be used with value

I had tried some other sample codes as well but facing the same issue every time.

Can you please guide me on how to fix this problem?. All I want to re-log in user after the session is time out. I will really appreciate any help I can get. Thank you in advance.

Hi, after I login successfully with SSO the application doesn't go forward to the landing page, but it loops on the discovery page because this instruction
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
returns always null.
Could you give me some ideas about what could be the cause of this behaviour ?
TIA
D.

Hi Uday,
Thank you for sharing the knowledge and sharing the code. I followed the instruction and i am getting below error..
2021-07-21 15:32:45.494 ERROR 17584 --- [ main] o.o.s.m.p.SignatureValidationFilter : Signature trust establishment failed for metadata entry https://sts.windows.net/##################/
2021-07-21 15:32:45.495 ERROR 17584 --- [ main] .s.m.p.AbstractReloadingMetadataProvider : Error filtering metadata from https://login.microsoftonline.com/#########c9a/federationmetadata/2007-06/federationmetadata.xml?appid=#####################

org.opensaml.saml2.metadata.provider.FilterException: Signature trust establishment failed for metadata entry
at org.opensaml.saml2.metadata.provider.SignatureValidationFilter.verifySignature(SignatureValidationFilter.java:327) ~[opensaml-2.6.6.jar:?]

I have giver correct
service.provider.entity.id:

idp.metedata.url:

In application YAML file

From a clean copy of the repo, I enter some dummy values in application.yaml, then run:

mvn clean package

There are numerous test failures with IllegalArgumentException, such as:

Could not resolve placeholder 'service.provider.entity.id' in value "${service.provider.entity.id}"

I tried the following fixes:

1. copying src/main/resources to src/test/resources

2. adding the following clause to in pom.xml
   
   
   ${project.basedir}/src/test/resources
   true
   
   
   ${project.basedir}/src/main/resources
   true
   
   

but neither approach worked. Can you help?

Hey,

Where do I configure the reply URL in the application? As of now, we have configured the Reply URL as AD side and it works for localhost:8080 only.

The moment we deploy the app on the server and change the reply URL to https://servername/appname i keep getting the below error

In my application.properties this is all that I have specified

#SSO
service.provider.entity.id=AppName
idp.metedata.url=https://login.microsoftonline.com//federationmetadata/2007-06/federationmetadata.xml?appid=d0f386-7e70-49c1-b4f7-XXXXXXXX
saml.keystore.password= password
saml.private.key.alias= alias
saml.private.key.password: password
saml.keystore.file=classpath:/saml/dev/samlKeystore.jks

Spring boot version is 2.5.5

Thnks