SES-74 Changed order of initialization - metadata is generated before…

… entry point can get invoked. Added link to display direct metadata.

spring-security-saml/saml2-sample/src/main/resources/security/securityContext.xml

@@ -16,8 +16,8 @@
         <security:intercept-url pattern="/logout.jsp" filters="none"/>
         <security:intercept-url pattern="/login.jsp" filters="none"/>
         <security:intercept-url pattern="/favicon.ico" filters="none"/>
-        <security:custom-filter position="PRE_AUTH_FILTER" ref="metadataFilter"/>
-        <security:custom-filter before="PRE_AUTH_FILTER" ref="samlEntryPoint"/>
+        <security:custom-filter before="PRE_AUTH_FILTER" ref="metadataFilter"/>
+        <security:custom-filter position="PRE_AUTH_FILTER" ref="samlEntryPoint"/>
         <security:custom-filter after="BASIC_AUTH_FILTER" ref="samlProcessingFilter"/>
         <security:custom-filter after="LOGOUT_FILTER" ref="samlLogoutFilter"/>
         <security:custom-filter before="LOGOUT_FILTER" ref="samlLogoutProcessingFilter"/>
@@ -78,7 +78,7 @@
     <bean id="samlEntryPoint" class="org.springframework.security.saml.SAMLEntryPoint">
         <property name="filterSuffix" value="/saml/login"/>
         <!-- OPTIONAL property: In case idpSelectionPath property is not set the user will be redirected to the default IDP -->
-        <property name="idpSelectionPath" value="WEB-INF/security/idpSelection.jsp"/>
+        <property name="idpSelectionPath" value="/WEB-INF/security/idpSelection.jsp"/>
         <property name="defaultProfileOptions">
             <bean class="org.springframework.security.saml.websso.WebSSOProfileOptions">
                 <property name="includeScoping" value="false"/>

spring-security-saml/saml2-sample/src/main/webapp/WEB-INF/security/metadataView.jsp

@@ -15,109 +15,122 @@
 </p>
 
 <form:form commandName="metadata">
-    <table>
-        <tr>
-            <td>Entity ID:</td>
-            <td><form:input readonly="true" path="entityId"/></td>
-        </tr>
-        <tr>
-            <td>Entity alias:</td>
-            <td><form:input readonly="true" path="alias"/></td>
-        </tr>
-
-        <tr>
-            <td>Signing key:</td>
-            <td><form:input readonly="true" path="signingKey"/></td>
-        </tr>
-        <tr>
-            <td>Encryption key:</td>
-            <td><form:input readonly="true" path="encryptionKey"/></td>
-        </tr>
-
-        <tr>
-            <td>Require signed LogoutRequest:</td>
-            <td>
-                <form:select path="requireLogoutRequestSigned" multiple="false" disabled="true">
-                    <form:option value="true">Yes</form:option>
-                    <form:option value="false">No</form:option>
-                </form:select>
-            </td>
-        </tr>
-        <tr>
-            <td>Require signed LogoutResponse:</td>
-            <td>
-                <form:select path="requireLogoutResponseSigned" multiple="false" disabled="true">
-                    <form:option value="true">Yes</form:option>
-                    <form:option value="false">No</form:option>
-                </form:select>
-            </td>
-        </tr>
-        <tr>
-            <td>Require signed ArtifactResolve:</td>
-            <td>
-                <form:select path="requireArtifactResolveSigned" multiple="false" disabled="true">
-                    <form:option value="true">Yes</form:option>
-                    <form:option value="false">No</form:option>
-                </form:select>
-            </td>
-        </tr>
-
-        <c:if test="${metadata.local eq true}">
-
-            <tr>
-                <td>&nbsp;</td>
-            </tr>
-
-            <tr>
-                <td>Instructions:</td>
-                <td>
-                    <strong>In order to permanently store the metadata follow these instructions:</strong>
-                    <ul>
-                        <li>Store metadata content in file ${storagePath}</li>
-                        <li>Make sure to update your identity provider(s) with the generated metadata.</li>
-                        <li>Modify bean "metadata" in your securityContext.xml and include content from the
-                            configuration bellow
-                        </li>
-                    </ul>
-                </td>
-            </tr>
-
-        </c:if>
-
-        <tr>
-            <td>&nbsp;</td>
-        </tr>
-
-        <tr>
-            <td>Metadata:</td>
-            <td>
-                <textarea rows="15" cols="100" readonly="true"><c:out
-                        value="${metadata.serializedMetadata}"/></textarea>
-            </td>
-        </tr>
-
-        <c:if test="${metadata.local eq true}">
-
-            <tr>
-                <td>&nbsp;</td>
-            </tr>
-
-            <tr>
-                <td>Configuration:</td>
-
-                <td>
-                    <textarea rows="15" cols="100" readonly="true"><c:out value="${metadata.configuration}"/></textarea>
-                </td>
-            </tr>
-
-        </c:if>
-
-    </table>
-</form:form>
+
+<p>
+    <c:choose>
+    <c:when test="${metadata.alias != null}">
+    <a href="<c:url value="/saml/metadata/alias/${metadata.alias}"/>">Direct entity metadata</a>
+    </c:when>
+    <c:otherwise>
+    <a href="<c:url value="/saml/metadata"/>">Direct entity metadata</a>
+    </c:otherwise>
+    </c:choose>
+</p>
+
+<table>
+    <tr>
+        <td>Entity ID:</td>
+        <td><form:input readonly="true" path="entityId"/></td>
+    </tr>
+    <tr>
+        <td>Entity alias:</td>
+        <td><form:input readonly="true" path="alias"/></td>
+    </tr>
+
+    <tr>
+        <td>Signing key:</td>
+        <td><form:input readonly="true" path="signingKey"/></td>
+    </tr>
+    <tr>
+        <td>Encryption key:</td>
+        <td><form:input readonly="true" path="encryptionKey"/></td>
+    </tr>
+
+    <tr>
+        <td>Require signed LogoutRequest:</td>
+        <td>
+            <form:select path="requireLogoutRequestSigned" multiple="false" disabled="true">
+            <form:option value="true">Yes</form:option>
+            <form:option value="false">No</form:option>
+            </form:select>
+        </td>
+    </tr>
+    <tr>
+        <td>Require signed LogoutResponse:</td>
+        <td>
+            <form:select path="requireLogoutResponseSigned" multiple="false" disabled="true">
+            <form:option value="true">Yes</form:option>
+            <form:option value="false">No</form:option>
+            </form:select>
+        </td>
+    </tr>
+    <tr>
+        <td>Require signed ArtifactResolve:</td>
+        <td>
+            <form:select path="requireArtifactResolveSigned" multiple="false" disabled="true">
+            <form:option value="true">Yes</form:option>
+            <form:option value="false">No</form:option>
+            </form:select>
+        </td>
+    </tr>
+
+    <c:if test="${metadata.local eq true}">
+
+    <tr>
+        <td>&nbsp;</td>
+    </tr>
+
+    <tr>
+        <td>Instructions:</td>
+        <td>
+            <strong>In order to permanently store the metadata follow these instructions:</strong>
+            <ul>
+                <li>Store metadata content in file ${storagePath}</li>
+                <li>Make sure to update your identity provider(s) with the generated metadata.</li>
+                <li>Modify bean "metadata" in your securityContext.xml and include content from the
+                    configuration bellow
+                </li>
+            </ul>
+        </td>
+    </tr>
+
+    </c:if>
+
+    <tr>
+        <td>&nbsp;</td>
+    </tr>
+
+    <tr>
+        <td>Metadata:</td>
+        <td>
+            <textarea rows="15" cols="100" readonly="true"><c:out
+            value="${metadata.serializedMetadata}"/></textarea>
+        </td>
+    </tr>
+
+    <c:if test="${metadata.local eq true}">
+
+    <tr>
+        <td>&nbsp;</td>
+    </tr>
+
+    <tr>
+        <td>Configuration:</td>
+
+        <td>
+            <textarea rows="15" cols="100" readonly="true"><c:out value="${metadata.configuration}"/></textarea>
+        </td>
+    </tr>
+
+    </c:if>
+
+</table>
 
 <p>
     <a href="<c:url value="/saml/web/metadata"/>">&lt;&lt Back</a>
 </p>
 
+</form:form>
+
 </body>
 </html>