1

I am using spring boot 1.4.0+spring-security-saml2-core 1.0.2 with the help of following link Spring-Boot-Saml-example it is working great. Now i would like to disable the spring-saml security in my local environment(Local PC).It should work in DEV & Production environment.What is the minimal change i should do to disable the SAML security in spring-Boot? or is it possible to set default user who is having all the securities so that SAML won't do the security checks(This is my assumption).

Cœur
  • 37,241
  • 25
  • 195
  • 267
VelNaga
  • 3,593
  • 6
  • 48
  • 82
  • It would be great at least some one provide a hint to resolve this issue. – VelNaga Jul 22 '16 at 15:52
  • not sure if you've seen this: https://github.com/ulisesbocchio/spring-boot-security-saml but eases integration between spring boot and spring-security-saml – Ulises Aug 08 '16 at 02:50

1 Answers1

2

The correct way to accomplish this is to use Spring Profiles. You can setup a local profile that uses basic authentication and then enable SAML in your higher environments.

Profile Tutorial

Disable Spring Security using profiles

blur0224
  • 972
  • 8
  • 26
  • Thank you for your reply.while gone through the link it seems it will resolve my problem.In the application.properties file i will set following property spring.profiles.active=local(For dev it will be dev) and in the WebSecurityConfig.java i will set @Profile("dev") so that SAML configuration will be run for Dev environment instead of local right?I hope those informations are sufficient also i have environment spcific property file so i can flip it easily.Let me know for any more changes – VelNaga Jul 24 '16 at 09:01
  • It is working great.Thank a lot for the shared links. – VelNaga Jul 24 '16 at 11:28
  • 1
    Is it possible to include a dummy user in SAML security context? Because currently if the profile is "local" SAML itself not getting excuted instead i want to run SAML with dummy(HardCoded) user if the profile is local or have a create SAML session with dummy user.Is it possible?I am also ok to create new stack overflow question. – VelNaga Jul 26 '16 at 12:32
  • 1
    Yes, this should be possible. I would recommend opening a new question for it where you include code from your SamlUserDetail Service. This is a matter of creating an in memory user with the same granted authorities that the SAML user is issued. – blur0224 Jul 26 '16 at 12:40
  • Thank you.Let me create it now. – VelNaga Jul 26 '16 at 14:08
  • I have created following stack overflow question http://stackoverflow.com/questions/38592343/how-to-create-an-in-memory-user-in-saml to create an in memory user with the same granted authorities that the SAML user is issued. – VelNaga Jul 26 '16 at 14:17