Use Spring Boot 2.7 and Spring Security without WebSecurityConfigurerAdapter

[loicdewerchin]

Hello,

would it be possible to update this (excellent!) library to be able to work with recent Spring Boot & Spring Security libraries?

With Spring Boot 2.7 (Spring Security 5.7) the old way of configuring Spring Security with is WebSecurityConfigurerAdapter deprecated : Spring Blog post.

When trying to use the library with the SecurityFilterChain security config, I stumbled on problems like:

• SAMLServiceProviderSecurityConfiguration is not loaded at the time the endpointsMatcher() method is called in the security config
• Retrieve AuthenticationManager from AuthenticationConfiguration to add it as a @Bean works, but after login results in a StackOverflow errors

Thank you.

[ulisesbocchio]

Let me see what I can do :)

[ilsevdm]

Let me see what I can do :)

That would be awesome ! Thanks for your time and consideration.

[ravikumar-marimuthu]

Any update on this, While we are migrating to spring 3.X versions also getting same issue. If any update without using WebSecurityConfigurerAdapter which is depricated and removed from spring versions 3.x.
If any help will be appreciated.

[ulisesbocchio]

Been looking at this. But it looks Spring Security 6 already has native support for SAML, so you probably don't need this plugin anymore.
As stated here, the library this plugin uses: spring-security-saml is being deprecated also.
https://spring.io/projects/spring-security-saml