I'm working in order to integrate Spring Security SAML Extension with Spring Boot.
I developed a complete sample application, all the source code is published on GitHub: spring-boot-saml-integration on GitHub
By running the webapp as Spring Boot application (through STS, by using an embedded Application Server) it works fine (with the exception of Single-Logout and Global Logout on IdP). Unfortunately, the auth process doesn't work on WildFly (and I must use it as production AS): the IdP performs the AuthN process and the instructions of my custom UserDetails implementation are correctly executed. Despite that Spring doesn't set up the privileges for the current user.
By debugging, I checked that the problem starts from FilterChainProxy
class. When I run the webapp on WildFly, I can see that the attribute FILTER_APPLIED
from ServletRequest
is null, thus Spring clears the SecurityContextHolder
.
This is my security configuration: WebSecurityConfig.java (with another conf class: SAMLConfig.java)
How can I fix this problem?
Regards, V.
Also on: http://stackoverflow.com/questions/23559866/integrating-spring-boot-and-saml
how does your filter mapping look like?
as looking at your code i could not find anything that would look like it.
you are doing programmatic filter / servlet registration?