From af4c28ccca9befab62303057bc6271ed01a5c9d7 Mon Sep 17 00:00:00 2001
From: sudhakaropsmx
Date: Thu, 24 Oct 2024 18:14:14 +0530
Subject: [PATCH] OP-22767: Bugfix for SAML2 Authentication validation removed Assertion disable flags
---
 .../gate/security/saml/SamlSecurityConfiguration.java | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlSecurityConfiguration.java b/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlSecurityConfiguration.java
index f3743e9e96..5a368eae2c 100644
--- a/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlSecurityConfiguration.java
+++ b/gate-saml/src/main/java/com/opsmx/spinnaker/gate/security/saml/SamlSecurityConfiguration.java
@@ -100,9 +100,6 @@ public class SamlSecurityConfiguration {
 @Value("${spring.security.saml2.validation.inresponseto:false}")
 private boolean ignoreInResponseToValidation;
 
- @Value("${spring.security.saml2.validation.assertion:false}")
- private boolean ignoreAssertionValidation;
-
 @Bean
 public UserDetailsService userDetailsService() {
 return username -> {
@@ -123,16 +120,15 @@ public RememberMeServices rememberMeServices(UserDetailsService userDetailsServi
 
 @Bean
 public OpenSaml4AuthenticationProvider authenticationProvider() {
+
 var authProvider = new OpenSaml4AuthenticationProvider();
 authProvider.setResponseAuthenticationConverter(extractUserDetails());
- log.debug("ignoreAssertionValidation :{}", ignoreAssertionValidation);
- if (ignoreAssertionValidation) {
- authProvider.setAssertionValidator(removeAssertionError());
- }
 log.debug("ignoreInResponseToValidation :{}", ignoreInResponseToValidation);
 if (ignoreInResponseToValidation) {
+ authProvider.setAssertionValidator(removeAssertionError());
 authProvider.setResponseValidator(removeInResonseToError());
 }
+
 return authProvider;
 }
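Review bot: In `authenticationProvider()` the single flag `spring.security.saml2.validation.inresponseto=true` now also replaces the assertion validator through `removeAssertionError()`, so a property named for InResponseTo governs assertion validation as well. `removeAssertionError()` is defined outside this hunk; if it discards more than the InResponseTo error (for example condition, audience or expiry failures), turning the flag on would accept assertions that should be rejected, so it should filter on the InResponseTo error only and let every other assertion error through. The relaxed mode is announced only at debug level; inside the branch I would add `log.warn("SAML InResponseTo validation is disabled; response and assertion validators are relaxed");` so it is visible in production logs. Deployments that still set the removed `spring.security.saml2.validation.assertion` property will have it silently ignored after the first hunk, which deserves a release note.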