Skip to content

Commit 492444c

Browse files
jzheauxjzheaux
committed
Update shouldConvertGetRequests Migration Steps
Issue gh-17099
1 parent f73f253 commit 492444c

File tree

1 file changed

+6
-8
lines changed

1 file changed

+6
-8
lines changed

docs/modules/ROOT/pages/migration/servlet/oauth2.adoc

Lines changed: 6 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -83,9 +83,9 @@ fun jwtDecoder(): JwtDecoder {
8383

8484
Spring Security does not support processing `<saml2:Response>` payloads over GET as this is not supported by the SAML 2.0 spec.
8585

86-
To better comply with this, `Saml2AuthenticationTokenConverter` will not process GET requests by default as of Spring Security 8.
86+
To better comply with this, `Saml2AuthenticationTokenConverter`, `OpenSaml4AuthenticationTokenConverter`, and `OpenSaml5AuthenticationTokenConverter` will not process GET requests by default as of Spring Security 8.
8787
To prepare for this, the property `shouldConvertGetRequests` is available.
88-
To use it, publish your own `Saml2AuthenticationTokenConverter` like so:
88+
To use it, publish your own converter like so:
8989

9090
[tabs]
9191
======
@@ -94,9 +94,8 @@ Java::
9494
[source,java,role="primary"]
9595
----
9696
@Bean
97-
Saml2AuthenticationTokenConverter authenticationConverter(RelyingPartyRegistrationRepository registrations) {
98-
Saml2AuhenticationTokenConverter authenticationConverter = new Saml2AuthenticationTokenConverter(
99-
new DefaultRelyingPartyRegistrationResolver(registrations));
97+
OpenSaml5AuthenticationTokenConverter authenticationConverter(RelyingPartyRegistrationRepository registrations) {
98+
OpenSaml5AuthenticationTokenConverter authenticationConverter = new OpenSaml5AuthenticationTokenConverter(registrations);
10099
authenticationConverter.setShouldConvertGetRequests(false);
101100
return authenticationConverter;
102101
}
@@ -108,12 +107,11 @@ Kotlin::
108107
----
109108
@Bean
110109
fun authenticationConverter(val registrations: RelyingPartyRegistrationRepository): Saml2AuthenticationTokenConverter {
111-
val authenticationConverter = new Saml2AuthenticationTokenConverter(
112-
DefaultRelyingPartyRegistrationResolver(registrations))
110+
val authenticationConverter = Saml2AuthenticationTokenConverter(registrations)
113111
authenticationConverter.setShouldConvertGetRequests(false)
114112
return authenticationConverter
115113
}
116114
----
117115
======
118116

119-
If you must continue using `Saml2AuthenticationTokenConverter` to process GET requests, you can call `setShouldConvertGetRequests` to `true.`
117+
If you must continue using `Saml2AuthenticationTokenConverter`, `OpenSaml4AuthenticationTokenConverter`, or `OpenSaml5AuthenticationTokenConverter` to process GET requests, you can call `setShouldConvertGetRequests` to `true.`

0 commit comments

Comments
 (0)