From 5a6b5fe334267f543d03b457c548a690a93df518 Mon Sep 17 00:00:00 2001 From: 1993heqiang <531364804@qq.com> Date: Fri, 2 Jun 2023 23:21:06 +0800 Subject: [PATCH 1/3] Fix typo overview.adoc --- docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc b/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc index edd565a7e26..e81a5714839 100644 --- a/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc +++ b/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc @@ -283,7 +283,7 @@ There are two ``@Bean``s that Spring Boot generates for a relying party. The first is a `SecurityFilterChain` that configures the app as a relying party. When including `spring-security-saml2-service-provider`, the `SecurityFilterChain` looks like: -.Default JWT Configuration +.Default SAML 2.0 Login Configuration ==== .Java [source,java,role="primary"] From 2ba8154bc38d46d68a073a5498209fab97005d63 Mon Sep 17 00:00:00 2001 From: 1993heqiang <531364804@qq.com> Date: Sat, 3 Jun 2023 19:13:54 +0800 Subject: [PATCH 2/3] Fix typo authentication.adoc --- docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc b/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc index eb5ff67778b..f091180e9a3 100644 --- a/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc +++ b/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc @@ -337,7 +337,7 @@ Spring Security decrypts ``, ``, like ``. The assertion decrypter is for decrypting encrypted elements of the ``, like `` and ``. -You can replace `OpenSaml4AuthenticationProvider`'s default decryption strategy with your own. +You can replace `OpenSaml4AuthenticationProvider` 's default decryption strategy with your own. For example, if you have a separate service that decrypts the assertions in a ``, you can use it instead like so: ==== From 18ded04d2fe13dbe1cecf3ffb14b1783a89d08f4 Mon Sep 17 00:00:00 2001 From: Josh Cummings Date: Mon, 5 Jun 2023 12:35:28 -0600 Subject: [PATCH 3/3] Change possessives to use two ticks --- .../ROOT/pages/servlet/saml2/login/authentication.adoc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc b/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc index f091180e9a3..8cfced21525 100644 --- a/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc +++ b/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc @@ -96,7 +96,7 @@ relyingPartyRegistrationBuilder.assertionConsumerServiceLocation("/saml2/login/s == Setting a Clock Skew It's not uncommon for the asserting and relying parties to have system clocks that aren't perfectly synchronized. -For that reason, you can configure `OpenSaml4AuthenticationProvider` 's default assertion validator with some tolerance: +For that reason, you can configure ``OpenSaml4AuthenticationProvider``'s default assertion validator with some tolerance: ==== .Java @@ -238,7 +238,7 @@ open class SecurityConfig { <3> Third, return a custom authentication that includes the user details [NOTE] -It's not required to call `OpenSaml4AuthenticationProvider` 's default authentication converter. +It's not required to call ``OpenSaml4AuthenticationProvider``'s default authentication converter. It returns a `Saml2AuthenticatedPrincipal` containing the attributes it extracted from ``AttributeStatement``s as well as the single `ROLE_USER` authority. [[servlet-saml2login-opensamlauthenticationprovider-additionalvalidation]] @@ -271,7 +271,7 @@ After verifying the signature, it will: 1. Validate `` and `` conditions 2. Validate ````s, expect for any IP address information -To perform additional validation, you can configure your own assertion validator that delegates to `OpenSaml4AuthenticationProvider` 's default and then performs its own. +To perform additional validation, you can configure your own assertion validator that delegates to ``OpenSaml4AuthenticationProvider``'s default and then performs its own. [[servlet-saml2login-opensamlauthenticationprovider-onetimeuse]] For example, you can use OpenSAML's `OneTimeUseConditionValidator` to also validate a `` condition, like so: @@ -325,7 +325,7 @@ provider.setAssertionValidator { assertionToken -> ==== [NOTE] -While recommended, it's not necessary to call `OpenSaml4AuthenticationProvider` 's default assertion validator. +While recommended, it's not necessary to call ``OpenSaml4AuthenticationProvider``'s default assertion validator. A circumstance where you would skip it would be if you don't need it to check the `` or the `` since you are doing those yourself. [[servlet-saml2login-opensamlauthenticationprovider-decryption]] @@ -337,7 +337,7 @@ Spring Security decrypts ``, ``, like ``. The assertion decrypter is for decrypting encrypted elements of the ``, like `` and ``. -You can replace `OpenSaml4AuthenticationProvider` 's default decryption strategy with your own. +You can replace ``OpenSaml4AuthenticationProvider``'s default decryption strategy with your own. For example, if you have a separate service that decrypts the assertions in a ``, you can use it instead like so: ====