SAML POST /saml/SSO redirects to IP address instead of DNS name

zpf6vheq posted on 2021-07-11 in Java

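I am creating a SAML service provider using Spring Boot, with Auth0 as the IdP, deployed on a server. Everything works as expected with the IP address. But when I use the DNS name, things start to fail.
Here is my code: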

http
          .authorizeRequests()
              .antMatchers("/saml*").permitAll()
              .anyRequest().authenticated()
              .and()
          .apply(SAMLConfigurer.saml())
              .serviceProvider()
                  .keyStore()
                      .storeFilePath(this.keyStoreFilePath)
                      .password(this.password)
                      .keyname(this.keyAlias)
                      .keyPassword(this.password)
                      .and()
                  .protocol("https")
                  .hostname("www.myserverdns.con")
                  .basePath("/")
                  .and()
              .identityProvider()
              .metadataFilePath("file:"+resource);

So, when I hit www.myserverdns.con/someapi, the call goes to www.myserverdns.con/saml/sso and the server redirects to "serverip.address/someapi".
Here is the SAML tracer output:

POST https://www.assesshub.com/assessws/saml/SSO HTTP/1.1

HTTP/1.1 302
Date: Wed, 18 Nov 2020 13:34:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 0; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Location: http://serverIP.address:8080/someAPI

Note: As I said, the above code works fine with the IP address; the problem occurs only when using the DNS name.
Here are the application logs as well:

2020-11-18 18:59:49.615  INFO 31467 --- [nio-8443-exec-4] o.s.security.saml.log.SAMLDefaultLogger  : AuthNRequest;SUCCESS;serverIP.address;https://server.dns.name/saml/metadata;urn:dev-***.us.auth0.com;;;
2020-11-18 19:04:01.251  INFO 31467 --- [nio-8443-exec-3] o.s.security.saml.log.SAMLDefaultLogger  : AuthNRequest;SUCCESS;serverIP.address;https:/server.dns.name/saml/metadata;urn:dev-***.us.auth0.com;;;
2020-11-18 19:04:02.058  INFO 31467 --- [nio-8443-exec-5] colMessageXMLSignatureSecurityPolicyRule : SAML protocol message was not signed, skipping XML signature processing
2020-11-18 19:04:02.064  INFO 31467 --- [nio-8443-exec-5] o.s.security.saml.log.SAMLDefaultLogger  : AuthNResponse;SUCCESS;serverIP.address;https://server.dns.name/saml/metadata;urn:dev-***.us.auth0.com;auth0|5fac201d954ba3006f0a39c2;;

What I have tried:
As per https://docs.spring.io/spring-security-saml/docs/current/reference/htmlsingle/#d5e1940, I checked entityBaseURL, but it did not work.
Can anyone provide input?
Thanks in advance!!!
