Fix SAML 2.0 Javaconfig Sample

Issue gh-9362

Author: jzheaux

samples/javaconfig/saml2login/spring-security-samples-javaconfig-saml2-login.gradle

@@ -5,6 +5,7 @@ dependencies {
 	compile project(':spring-security-config')
 	compile "org.bouncycastle:bcprov-jdk15on"
 	compile "org.bouncycastle:bcpkix-jdk15on"
+	compile slf4jDependencies
 
 	testCompile project(':spring-security-test')
 }

samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/MessageSecurityWebApplicationInitializer.java

@@ -27,6 +27,10 @@
 public class MessageSecurityWebApplicationInitializer extends
 		AbstractSecurityWebApplicationInitializer {
 
+	public MessageSecurityWebApplicationInitializer() {
+		super(SecurityConfig.class);
+	}
+
 	@Override
 	protected boolean enableHttpSessionEventPublisher() {
 		return true;

samples/javaconfig/saml2login/src/main/java/org/springframework/security/samples/config/SecurityConfig.java

@@ -15,6 +15,8 @@
  */
 package org.springframework.security.samples.config;
 
+
+import org.springframework.context.annotation.Bean;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -23,6 +25,7 @@
 import org.springframework.security.saml2.credentials.Saml2X509Credential;
 import org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository;
 import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
+import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
 import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter;
 
 import java.io.ByteArrayInputStream;
@@ -39,7 +42,8 @@
 @EnableGlobalMethodSecurity(prePostEnabled = true)
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
-	RelyingPartyRegistration getSaml2AuthenticationConfiguration() throws Exception {
+	@Bean
+	RelyingPartyRegistrationRepository getSaml2AuthenticationConfiguration() throws Exception {
 		//remote IDP entity ID
 		String idpEntityId = "https://simplesaml-for-spring-saml.cfapps.io/saml2/idp/metadata.php";
 		//remote WebSSO Endpoint - Where to Send AuthNRequests to
@@ -53,14 +57,14 @@ RelyingPartyRegistration getSaml2AuthenticationConfiguration() throws Exception
 		//IDP certificate for verification of incoming messages
 		Saml2X509Credential idpVerificationCertificate = getVerificationCertificate();
 		String acsUrlTemplate = "{baseUrl}" + Saml2WebSsoAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI;
-		return RelyingPartyRegistration.withRegistrationId(registrationId)
+		return new InMemoryRelyingPartyRegistrationRepository(RelyingPartyRegistration.withRegistrationId(registrationId)
 				.remoteIdpEntityId(idpEntityId)
 				.idpWebSsoUrl(webSsoEndpoint)
 				.credentials(c -> c.add(signingCredential))
 				.credentials(c -> c.add(idpVerificationCertificate))
 				.localEntityIdTemplate(localEntityIdTemplate)
 				.assertionConsumerServiceUrlTemplate(acsUrlTemplate)
-				.build();
+				.build());
 	}
 
 	@Override
@@ -70,14 +74,7 @@ protected void configure(HttpSecurity http) throws Exception {
 			.authorizeRequests()
 				.anyRequest().authenticated()
 				.and()
-			.saml2Login()
-				.relyingPartyRegistrationRepository(
-						new InMemoryRelyingPartyRegistrationRepository(
-							getSaml2AuthenticationConfiguration()
-					)
-				)
-				.loginProcessingUrl("/sample/jc/saml2/sso/{registrationId}")
-		;
+			.saml2Login();
 		// @formatter:on
 	}
 

samples/javaconfig/saml2login/src/main/resources/logback.xml

@@ -0,0 +1,12 @@
+<configuration>
+	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+	<encoder>
+		<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
+	</encoder>
+	</appender>
+
+	<root level="WARN">
+		<appender-ref ref="STDOUT" />
+	</root>
+
+</configuration>

samples/javaconfig/saml2login/src/test/java/org/springframework/security/samples/config/SecurityConfigTests.java

@@ -44,7 +44,7 @@ public void securityConfigurationLoads() {
 	public void filterWhenLoginProcessingUrlIsSetInJavaConfigThenTheFilterHasIt() {
 		FilterChainProxy filterChain = context.getBean(FilterChainProxy.class);
 		Assert.assertNotNull(filterChain);
-		final List<Filter> filters = filterChain.getFilters("/sample/jc/saml2/sso/test-id");
+		final List<Filter> filters = filterChain.getFilters("/login/saml2/sso/one");
 		Assert.assertNotNull(filters);
 		Saml2WebSsoAuthenticationFilter filter = (Saml2WebSsoAuthenticationFilter) filters
 				.stream()
@@ -55,6 +55,6 @@ public void filterWhenLoginProcessingUrlIsSetInJavaConfigThenTheFilterHasIt() {
 				.get();
 		final Object matcher = ReflectionTestUtils.getField(filter, "requiresAuthenticationRequestMatcher");
 		final Object pattern = ReflectionTestUtils.getField(matcher, "pattern");
-		Assert.assertEquals("loginProcessingUrl mismatch", "/sample/jc/saml2/sso/{registrationId}", pattern);
+		Assert.assertEquals("loginProcessingUrl mismatch", "/login/saml2/sso/{registrationId}", pattern);
 	}
 }