Announcement Announcement Module
No announcement yet.
Spring Security SAML v2 library availability Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Security SAML v2 library availability


    The link for downloading the distribution for SAML Security extension is broken:

    Found this git repository and from that I have built and integrated SAML 2.0
    support into my spring webapp:


    Here are the maven artifact definitions from the files in the repository:

    <groupId> </groupId>

    <name>Spring Security SAML v2 library</name>

    Can you all tell me if this extension is about to be GA released and if so when
    we might expect that to take place?

    Thank you,

  • #2
    There are no plans for a GA release of the SAML extension at the moment.


    • #3
      Thanks Luke. Good to know. We'll use it as-is then.


      • #4
        Originally posted by Luke Taylor View Post
        There are no plans for a GA release of the SAML extension at the moment.
        Just out of curiosity, is there a reason for that?


        • #5
          It would be very good to get some understanding of when this will be GAed. This is potentially a very valuable extension IMO.


          • #6
            I agree, SAML support is an essential component of Spring Security for it to remain a viable enterprise option for medium/large projects. Virtually all projects in the last 12 months that I have been involved with in the Financial Services and Government/Public Sector have included SAML support as a prerequisite.


            • #7
              SAML2 are mandatory for every program that I am on. Wide use. The Rest is no where near as secure. Will SAML2 w/extension capability be rolled out to GA soon ?


              • #8
                I don't think the Spring-SAML extension is being actively maintained. In the end we created a fork of the project and we maintain it ourselves.


                • #9
                  Hi guys,

                  My client has a security policy against the use of snapshots for their third party artifacts, due the actual status regarding this discussion, the best strategy in order to use this feature is to fork the project and release it? Why is that?

                  @thobson Did you published and released your fork as a forked open source project?


                  • #10

                    The RC2 release is coming up in very near future. Followed some time after by a GA with possible bug fixes, there are no more features planned for it. The current trunk version is stable and will not be significantly changed. The main missing part is additional documentation.

                    The reason for limited progress is lack of my time-to-code-during-nights-and-weekends.

                    Vladimír Schäfer


                    • #11
                      That's good news Vladimir, SAML capabilities are very much needed in Spring Security! Thank you for your hard work on this.