Tags: java, spring-security, spring-security-saml2

Spring Security 5.2+ Saml Metadata


Question regarding SAML in Spring Security 5.2+: the documentation implies that there is no endpoint for generating metadata for an SP. Is that correct? That seems to be what the document says, but the URLs include things like "{baseUrl}/saml2/service-provider-metadata/{registrationId}", which gives the impression that you are providing the SP's metadata at that endpoint.

I have a pretty large multi-tenant project that I'm attempting to migrate from spring-security-saml, which has been discontinued, and I'm attempting to see what holes need to be filled. If metadata generation isn't included, are there plans in the near future to implement it on their roadmap? I didn't see anything public regarding this. Has anyone else figured out an easy method to generate the metadata using OpenSAML 3?

Thanks!


Solution

  • The Spring Security SAML 2 implementation does provide an endpoint for downloading SP metadata in XML format. The provider is mapped to: `{baseUrl}/saml2/service-provider-metadata/{registrationId}`

    According to the spring-security official release notes the support for SAML 2.0 SP Metadata Endpoints was added in 5.4.0-RC1.
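To show how the metadata endpoint mentioned in the answer is wired up in Spring Security 5.4+, here is an added configuration example (not code from the original question or answer, and not from the Spring Security project itself). It registers one relying party from an IdP metadata URL and adds `Saml2MetadataFilter`, which by default answers at `/saml2/service-provider-metadata/{registrationId}`. The registration id `tenant-a` and the IdP metadata URL are constructed placeholders; the key and certificate loading is left out, so the generated metadata will carry no KeyDescriptor until signing credentials are added to the registration.

```java
import static org.springframework.security.config.Customizer.withDefaults;

import javax.servlet.http.HttpServletRequest;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver;
import org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrations;
import org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver;
import org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter;
import org.springframework.security.saml2.provider.service.web.authentication.Saml2WebSsoAuthenticationFilter;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
public class Saml2MetadataConfig {

    // Constructed placeholder: replace with the real IdP metadata location for this tenant.
    private static final String IDP_METADATA_URL = "https://idp.example.invalid/metadata.xml";

    @Bean
    public RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() {
        // Reads the IdP's entityID, SSO endpoint and verification certificate from its metadata.
        // The SP entityID and ACS location fall back to Spring Security's defaults:
        //   {baseUrl}/saml2/service-provider-metadata/{registrationId}
        //   {baseUrl}/login/saml2/sso/{registrationId}
        RelyingPartyRegistration registration = RelyingPartyRegistrations
                .fromMetadataLocation(IDP_METADATA_URL)
                .registrationId("tenant-a") // hypothetical tenant id
                .build();
        return new InMemoryRelyingPartyRegistrationRepository(registration);
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http,
            RelyingPartyRegistrationRepository registrations) throws Exception {
        // Resolves which registration a request refers to from the {registrationId} path variable.
        Converter<HttpServletRequest, RelyingPartyRegistration> registrationResolver =
                new DefaultRelyingPartyRegistrationResolver(registrations);

        // Serves the SPSSODescriptor XML for the resolved registration.
        Saml2MetadataFilter metadataFilter =
                new Saml2MetadataFilter(registrationResolver, new OpenSamlMetadataResolver());

        http
            .authorizeRequests(authz -> authz.anyRequest().authenticated())
            .saml2Login(withDefaults())
            // Placed before the SSO filter so the metadata is served without a session.
            .addFilterBefore(metadataFilter, Saml2WebSsoAuthenticationFilter.class);

        return http.build();
    }
}
```

With this in place, `GET /saml2/service-provider-metadata/tenant-a` returns the SP metadata for that tenant. Check the output before handing it to an IdP administrator: the entityID and AssertionConsumerService location should match the public base URL of the deployment, and once signing credentials are added the KeyDescriptor should contain only the certificate, never private key material.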