# 生成<saml2:SPSSODescriptor>
元数据
你可以通过将Saml2MetadataFilter
添加到筛选链来发布元数据端点,如下所示:
Java
DefaultRelyingPartyRegistrationResolver relyingPartyRegistrationResolver =
new DefaultRelyingPartyRegistrationResolver(this.relyingPartyRegistrationRepository);
Saml2MetadataFilter filter = new Saml2MetadataFilter(
relyingPartyRegistrationResolver,
new OpenSamlMetadataResolver());
http
// ...
.saml2Login(withDefaults())
.addFilterBefore(filter, Saml2WebSsoAuthenticationFilter.class);
Kotlin
val relyingPartyRegistrationResolver: Converter<HttpServletRequest, RelyingPartyRegistration> =
DefaultRelyingPartyRegistrationResolver(this.relyingPartyRegistrationRepository)
val filter = Saml2MetadataFilter(
relyingPartyRegistrationResolver,
OpenSamlMetadataResolver()
)
http {
//...
saml2Login { }
addFilterBefore<Saml2WebSsoAuthenticationFilter>(filter)
}
你可以使用此元数据端点将你的依赖方注册为你的断言方.这通常很简单,只需找到正确的表单字段来提供元数据端点即可。
默认情况下,元数据端点是/saml2/service-provider-metadata/{registrationId}
。你可以通过调用过滤器上的setRequestMatcher
方法来更改这一点:
Java
filter.setRequestMatcher(new AntPathRequestMatcher("/saml2/metadata/{registrationId}", "GET"));
Kotlin
filter.setRequestMatcher(AntPathRequestMatcher("/saml2/metadata/{registrationId}", "GET"))
或者,如果你在构造函数中注册了一个自定义依赖方注册解析器,那么你可以在没有registrationId
提示的情况下指定一个路径,就像这样:
Java
filter.setRequestMatcher(new AntPathRequestMatcher("/saml2/metadata", "GET"));
Kotlin
filter.setRequestMatcher(AntPathRequestMatcher("/saml2/metadata", "GET"))