Spring SAML 2.0 extension does not use the public certificate imported in the keystore.jks


manjosh ramesh

Feb 28, 2023, 9:09:45 AM
to Keycloak User
Hi All,

I am new to SAML 2.0. I'm trying to understand the SAML 2.0 Spring Boot extension. I came across the sample app by Vincenzo De Notaris and Thomas Darimont.

Here is the GitHub sample: https://github.com/vdenotaris/spring-boot-security-saml-sample

Here is the link to the Keycloak implementation: https://blog.codecentric.de/secure-spring-boot-app-saml-keycloak

In the SAML security config, the KeyManager bean needs to be defined. The SAML extension uses a private key to sign and a public certificate to verify. Correct me if I'm wrong.

I see KeyManager bean defined and it loads the private key from keystore.jks.

I don't find where the public certificate is used. Even in the Keycloak example, the keystore.jks file needs to be imported in the Keys tab with the private key alias and password.

Could someone please help?

Here is the Stack Overflow discussion: https://stackoverflow.com/questions/75427866/spring-saml-2-0-extention-does-not-use-the-public-certificate-imported-in-the-ke?noredirect=1#comment133188860_75427866

Regards,

Manjosh Ramesh

