How can I add "Organization" declaration into SP's metadata (Spring SAML)?

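Is there any way to include information about the Organization in the SP metadata generated with Spring Security? By default I don't see it included in the generated metadata XML.

What I currently get

I tried creating a custom class SAMLMetadataGenerator that extends the framework's MetadataGenerator class, and then overriding the buildExtensions method as follows: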

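import org.opensaml.saml2.common.Extensions;
import org.opensaml.saml2.metadata.LocalizedString;
import org.opensaml.saml2.metadata.Organization;
import org.opensaml.saml2.metadata.OrganizationDisplayName;
import org.opensaml.saml2.metadata.OrganizationName;
import org.opensaml.saml2.metadata.OrganizationURL;
import org.opensaml.saml2.metadata.impl.OrganizationBuilder;
import org.opensaml.saml2.metadata.impl.OrganizationDisplayNameBuilder;
import org.opensaml.saml2.metadata.impl.OrganizationNameBuilder;
import org.opensaml.saml2.metadata.impl.OrganizationURLBuilder;
import org.springframework.security.saml.metadata.MetadataGenerator;

public class SAMLMetadataGenerator extends MetadataGenerator {

    @Override
    protected Extensions buildExtensions(String entityBaseURL, String entityAlias) {
        super.setIncludeDiscoveryExtension(true);
        Extensions extensions = super.buildExtensions(entityBaseURL, entityAlias);
        // The Organization is appended to the Extensions element here
        if (extensions != null)
            extensions.getUnknownXMLObjects().add(generateOrganization());

        return extensions;
    }

    // Builds the Organization element with its name, display name and URL
    private Organization generateOrganization() {
        OrganizationBuilder organizationBuilder = new OrganizationBuilder();
        Organization organization = organizationBuilder.buildObject();

        OrganizationNameBuilder organizationNameBuilder = new OrganizationNameBuilder();
        OrganizationName organizationName = organizationNameBuilder.buildObject();
        organizationName.setName(new LocalizedString("ACME", "en"));

        OrganizationDisplayNameBuilder displayNameBuilder = new OrganizationDisplayNameBuilder();
        OrganizationDisplayName organizationDisplayName = displayNameBuilder
                .buildObject();
        organizationDisplayName.setName(new LocalizedString("ACME Corporation", "en"));

        OrganizationURLBuilder organizationURLBuilder = new OrganizationURLBuilder();
        OrganizationURL organizationURL = organizationURLBuilder.buildObject();
        organizationURL.setURL(new LocalizedString("http://spid.serviceprovider.it", "it"));

        organization.getOrganizationNames().add(organizationName);
        organization.getDisplayNames().add(organizationDisplayName);
        organization.getURLs().add(organizationURL);
        return organization;
    }
}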

The SP metadata generated this way is:

<md:EntityDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="com_xegiy84105_spring_sp" entityID="com:xegiy84105:spring:sp">
    <!-- Other things here -->
    <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <idpdisco:DiscoveryResponse
                xmlns:idpdisco="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="http://localhost:8091/DM-WEB/saml/login?disco=true" index="0"/>
            <md:Organization>
                <md:OrganizationName xml:lang="en">ACME</md:OrganizationName>
                <md:OrganizationDisplayName xml:lang="en">ACME Corporation</md:OrganizationDisplayName>
                <md:OrganizationURL xml:lang="it">http://spid.serviceprovider.it</md:OrganizationURL>
            </md:Organization>
        </md:Extensions>
        <!-- Other things here -->
    </md:SPSSODescriptor>
</md:EntityDescriptor>

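How it should be

But the "Organization" block should be inserted without being wrapped in <md:Extensions/>, and it should be placed as a direct child of the <md:EntityDescriptor/> block, similar to the following snippet: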

<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://spid.serviceprovider.it"
    ID="_0j40cj0848d8e3jncjdjss...">
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        [...]
    </ds:Signature>
    <md:SPSSODescriptor
        protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"
        AuthnRequestsSigned="true"
        WantAssertionsSigned="true">
        [...]
    </md:SPSSODescriptor>
    <md:Organization>
        <OrganizationName xml:lang="it">Service provider</OrganizationName>
        <OrganizationDisplayName xml:lang="it">Nome service provider</OrganizationDisplayName>
        <OrganizationURL xml:lang="it">http://spid.serviceprovider.it</OrganizationURL>
    </md:Organization>
</md:EntityDescriptor>

What is the correct way to achieve this? Thanks.

The reason it ends up inside the extensions is:

extensions.getUnknownXMLObjects().add(generateOrganization());

According to the docs for MetadataGenerator you can use:

generateMetadata()

which returns an EntityDescriptor, to which you can add the organization with:

setOrganization(generateOrganization());