Saturday, 18 April 2015

SAML SSO on load balancer and tc server

Our application has a load balancer and Tomcat TC server instances. Recently, SAML SSO has been configured on the load balancer.


My question is: since SSO is already configured on the load balancer, do we still need to import the IDP metadata.xml in the application WAR file deployed in the Tomcat TC server (as shown in the code snippet below)? If not, what configuration do we need to apply in order to retrieve the User info object after successful authentication?



<!-- IDP Metadata configuration - paths to metadata of IDPs in circle of trust is here -->
<beans:bean id="metadata" class="org.springframework.security.saml.metadata.CachingMetadataManager">
    <beans:constructor-arg>
        <beans:list>
            <beans:bean class="org.springframework.security.saml.metadata.ExtendedMetadataDelegate">
                <!-- Metadata provider that loads the IDP descriptor from the classpath of the WAR -->
                <beans:constructor-arg>
                    <beans:bean class="org.opensaml.saml2.metadata.provider.ResourceBackedMetadataProvider">
                        <beans:constructor-arg>
                            <beans:bean class="java.util.Timer" />
                        </beans:constructor-arg>
                        <beans:constructor-arg>
                            <beans:bean class="org.opensaml.util.resource.ClasspathResource">
                                <beans:constructor-arg value="/metadata/my-org-idp.xml"/>
                            </beans:bean>
                        </beans:constructor-arg>
                        <beans:property name="parserPool" ref="parserPool" />
                    </beans:bean>
                </beans:constructor-arg>
                <!-- Extended metadata applied to the entity loaded above -->
                <beans:constructor-arg>
                    <beans:bean class="org.springframework.security.saml.metadata.ExtendedMetadata">
                        <beans:property name="local" value="true"></beans:property>
                    </beans:bean>
                </beans:constructor-arg>
            </beans:bean>
        </beans:list>
    </beans:constructor-arg>
</beans:bean>
