Spring SAML 扩展和 spring 安全性 5
Spring SAML extension and spring security 5
谁能告诉我 spring saml 扩展和 spring security 5 saml 之间有什么区别。我发现 spring 安全 5 中的配置较少。
Spring 未积极开发安全 SAML 扩展。
Spring 安全团队选择为 SAML 2 身份验证提供框架支持,作为核心 Spring 安全的一部分,自版本 5.2.0 起可用。
如您所述,Spring 安全核心中还不存在所有功能。
来自Spring Security documentation
SAML 2 Service Provider, SP a.k.a. a relying party, support existed as an independent project since 2009. The 1.0.x branch is still in use, including in the Cloud Foundry User Account and Authentication Server that also created a SAML 2.0 Identity Provider implementation based on the SP implementation.
In 2018 we experimented with creating an updated implementation of both a Service Provider and Identity Provider as a standalone library. After careful, and lengthy, deliberation we, the Spring Security team, decided to discontinue that effort. While this effort created a replacement for that standalone 1.0.x library we didn’t feel that we should build a library on top of another library.
Instead we opted to provide framework support for SAML 2 authentication as part of core Spring Security instead.
This project is being rewritten.
...
we will not be publishing any official releases of the 2.0.0 milestones, but will maintain it until all feature functionality that exists in the milestones are part of Spring Security.
We continue to accept pull request for the 1.0.x branch, but are not actively developing it.
谁能告诉我 spring saml 扩展和 spring security 5 saml 之间有什么区别。我发现 spring 安全 5 中的配置较少。
Spring 未积极开发安全 SAML 扩展。
Spring 安全团队选择为 SAML 2 身份验证提供框架支持,作为核心 Spring 安全的一部分,自版本 5.2.0 起可用。
如您所述,Spring 安全核心中还不存在所有功能。
来自Spring Security documentation
SAML 2 Service Provider, SP a.k.a. a relying party, support existed as an independent project since 2009. The 1.0.x branch is still in use, including in the Cloud Foundry User Account and Authentication Server that also created a SAML 2.0 Identity Provider implementation based on the SP implementation.
In 2018 we experimented with creating an updated implementation of both a Service Provider and Identity Provider as a standalone library. After careful, and lengthy, deliberation we, the Spring Security team, decided to discontinue that effort. While this effort created a replacement for that standalone 1.0.x library we didn’t feel that we should build a library on top of another library.
Instead we opted to provide framework support for SAML 2 authentication as part of core Spring Security instead.
This project is being rewritten.
...
we will not be publishing any official releases of the 2.0.0 milestones, but will maintain it until all feature functionality that exists in the milestones are part of Spring Security.
We continue to accept pull request for the 1.0.x branch, but are not actively developing it.