Feature Request Spring Security SAML


I work for a company that develops software heavily based on the Spring Framework. Our developers have used the Spring Framework for a while and are satisfied, also when it comes to Spring Security (we have used Spring Security Kerberos for a pretty long time, and last year we added support for Spring Security SAML).

Spring Security SAML is the reason why I have to contact you, because we are, right now, in a situation where a customer has reached the limits of the SAML extension and we need support from you.

We tried contacting Vladimir Schäfer directly, but he has not yet responded. When I tried to ask Pivotal for help, they redirected me to you, the community.

But to cut to the chase. First of all, I'm not a developer (I'm "just" a regular sysadmin), so excuse me if I mix up terms.

At the moment, we have 3 issues with Spring Security SAML.

1) Hashing: As far as I know, right now Spring Security SAML supports SHA1 as its secure hashing algorithm.

Unfortunately, many of our customers (especially banks) tend to drop support for SHA1 (Microsoft has used SHA256 as the default algorithm since ADFS 3.0).

I know Vladimir posted some code snippets a while ago that should solve this issue (setting the ExtendedMetadata 'signingAlgorithm' field), but our developers prefer not to mess with the original code. We would love to see changes in the core code to support SHA256.

2) Bouncy Castle dependency... Right now, Spring Security SAML needs an outdated version of Bouncy Castle that is (officially) not compatible with Java 8. I know there is an open issue (https://github.com/spring-projects/spring-security-saml/issues/144) that covers this, but sadly nothing has changed in one year.

3) We use Spring Security SAML to federate with Microsoft ADFS servers. By default there is a key rollover every 12 months for the signing and encryption keys. On the ADFS (IdP) side, this happens automatically. On "our" (SP) side, we have to manually import/update the new keys. We wanted to know if there might be a chance to automate this process as well.

This would be helpful in the future.

To be clear: we are willing to pay our share for these changes. The only thing we ask is that these changes (at least 1 and 2) go into the core code of Spring Security SAML. The reason is, we don't want to "hack" the official core code unless we have to.

I would be happy to hear from you. :)

Best regards, René
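
For the key rollover described in item 3, an SP operator can at least detect a rollover automatically by comparing the certificates published in the IdP's federation metadata with the fingerprints the SP already trusts. The following is an added example, not part of René's message and not Spring Security SAML code; the metadata document, certificate bytes, entity ID and function names are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed placeholder bytes standing in for DER certificates (not real keys).
OLD_SIGNING = b"constructed-old-signing-cert"
NEW_SIGNING = b"constructed-new-signing-cert"
ENCRYPTION = b"constructed-encryption-cert"

def key_descriptor(use, der):
    """Build one <md:KeyDescriptor> element for the constructed sample."""
    b64 = base64.b64encode(der).decode()
    return (f'<md:KeyDescriptor use="{use}"><ds:KeyInfo><ds:X509Data>'
            f"<ds:X509Certificate>{b64}</ds:X509Certificate>"
            "</ds:X509Data></ds:KeyInfo></md:KeyDescriptor>")

# Constructed IdP metadata: the old and the new signing key are both published.
SAMPLE_METADATA = (
    f'<md:EntityDescriptor xmlns:md="{NS["md"]}" xmlns:ds="{NS["ds"]}" '
    'entityID="https://idp.example.test/adfs/services/trust">'
    '<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">'
    + key_descriptor("signing", OLD_SIGNING)
    + key_descriptor("signing", NEW_SIGNING)
    + key_descriptor("encryption", ENCRYPTION)
    + "</md:IDPSSODescriptor></md:EntityDescriptor>")

def fingerprint(der):
    """SHA-256 fingerprint of the certificate bytes, as lowercase hex."""
    return hashlib.sha256(der).hexdigest()

def metadata_keys(xml_text):
    """Return {(use, fingerprint)} for every certificate the IdP publishes."""
    root = ET.fromstring(xml_text)
    found = set()
    for kd in root.findall(".//md:IDPSSODescriptor/md:KeyDescriptor", NS):
        use = kd.get("use", "unspecified")
        for cert in kd.findall(".//ds:X509Certificate", NS):
            text = "".join((cert.text or "").split())  # drop line wrapping
            if text:
                found.add((use, fingerprint(base64.b64decode(text))))
    return found

def rollover_report(xml_text, trusted):
    """Compare published keys with the SP's trusted set of (use, fingerprint)."""
    published = metadata_keys(xml_text)
    return {"new": sorted(published - trusted),
            "retired": sorted(trusted - published)}
```

The report only flags differences. Importing a flagged key into the SP trust store should happen only after the metadata's origin has been verified (validated TLS to the IdP or a checked metadata signature), since a key accepted from unverified metadata would let its holder sign assertions the SP trusts.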

