1 Reply Latest reply on May 14, 2014 9:01 AM by Tomaz Cerar

    Integrating Wildfly and Spring Secuirty: filter chain proxy issue

    Vincenzo De Notaris Newbie

      I'm working in order to integrate Spring Security SAML Extension with Spring Boot.

      I developed a complete sample application, all the source code is published on GitHub: spring-boot-saml-integration on GitHub

      By running the webapp as Spring Boot application (through STS, by using an embedded Application Server) it works fine (with the exception of Single-Logout and Global Logout on IdP). Unfortunately, the auth process doesn't work on WildFly (and I must use it as production AS): the IdP performs the AuthN process and the instructions of my custom UserDetails implementation are correctly executed. Despite that Spring doesn't set up the privileges for the current user.

      By debugging, I checked that the problem starts from FilterChainProxy class. When I run the webapp on WildFly, I can see that the attribute FILTER_APPLIED from ServletRequest is null, thus Spring clears the SecurityContextHolder.

      This is my security configuration: WebSecurityConfig.java (with another conf class: SAMLConfig.java)

      How can I fix this problem?

      Regards, V.

      Also on: http://stackoverflow.com/questions/23559866/integrating-spring-boot-and-saml