
  • Registering user at SP

    Hello,

    We are building an application with multiple-login function (username/password, Facebook login with spring-social, etc.), and we want to integrate SAML as well. We would like to use the spring-security-saml extension, and we want to reach the same behavior that spring-social produces:
    1. User clicks on specific login button (for example "Login with Facebook").
    2. The user is forwarded to the selected provider's login page, and logs in.
    3. The user is redirected to our application.
    3.1. If the user is registered in our application, the login is successful (and the user is authenticated by spring security).
    3.2. If the user is not registered in our application, a registration form is displayed.
    3.2.1. The authentication only happens if the user clicks on the registration button.

    How can we do this? Is there a best practice for this?

  • #2
    One way is to implement a custom org.springframework.security.saml.userdetails.SAMLUserDetailsService which performs verification whether user is already registered or not. In case she's not, raise a UsernameNotFoundException (and possibly extend it to store additional data about the user inside the exception). Plug the implementation into the samlAuthenticationProvider bean.

    Then implement a custom org.springframework.security.web.authentication.AuthenticationFailureHandler which verifies whether authentication failed with the UsernameNotFoundException and redirects user to the registration page. The implementation should be plugged into bean samlWebSSOProcessingFilter.

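The approach from reply #2, as an added example that is not code from the thread or from the spring-security-saml project. `AccountRepository`, the class names, the `/register` and `/login?error` URLs and the session attribute names are assumptions; the asserted identity is kept in the server-side session so the registration form cannot change which IdP subject the new account is bound to.

```java
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.saml.SAMLCredential;
import org.springframework.security.saml.userdetails.SAMLUserDetailsService;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;

// Hypothetical application lookup, keyed by IdP entity ID plus NameID.
interface AccountRepository { Object find(String idpEntityId, String nameId); }
// Carries the validated identity from the assertion to the failure handler.
class UnregisteredSamlUserException extends UsernameNotFoundException {
    final String idpEntityId, nameId;
    UnregisteredSamlUserException(String idpEntityId, String nameId) {
        super("No local account for SAML subject");
        this.idpEntityId = idpEntityId; this.nameId = nameId;
    }
}
class RegistrationAwareUserDetailsService implements SAMLUserDetailsService { // for samlAuthenticationProvider
    private final AccountRepository accounts;
    RegistrationAwareUserDetailsService(AccountRepository accounts) { this.accounts = accounts; }
    @Override
    public Object loadUserBySAML(SAMLCredential credential) {
        if (credential.getNameID() == null) throw new UsernameNotFoundException("Assertion has no NameID");
        String idp = credential.getRemoteEntityID();
        String nameId = credential.getNameID().getValue();
        Object account = accounts.find(idp, nameId);
        if (account == null) throw new UnregisteredSamlUserException(idp, nameId);
        return account; // becomes the Authentication's user details
    }
}
class RegistrationRedirectFailureHandler extends SimpleUrlAuthenticationFailureHandler { // for samlWebSSOProcessingFilter
    RegistrationRedirectFailureHandler() { super("/login?error"); } // assumed default failure URL
    @Override
    public void onAuthenticationFailure(HttpServletRequest req, HttpServletResponse res,
            AuthenticationException ex) throws IOException, ServletException {
        if (ex instanceof UnregisteredSamlUserException) {
            UnregisteredSamlUserException u = (UnregisteredSamlUserException) ex;
            // The user is still unauthenticated here; only the asserted identity is remembered.
            req.getSession(true).setAttribute("pendingSamlIdp", u.idpEntityId);
            req.getSession(true).setAttribute("pendingSamlNameId", u.nameId);
            getRedirectStrategy().sendRedirect(req, res, "/register"); // assumed registration URL
            return;
        }
        super.onAuthenticationFailure(req, res, ex); // every other failure takes the normal error path
    }
}
```

The registration controller should read the pending identity from the session, create the account, clear the attributes, and only then establish the authenticated session.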