
SAML 2 / spring-security current status?


I'm trying to figure out how to build SAML support in our existing application (as a SP). As it stands, it seems the newest approach is to use SAML support at the spring-security-core level (currently version 5.3.1).

However, in its current state I'm having trouble understanding how to get started; I cannot even figure out how to import IdP metadata from XML. It seems I have to do the conversion manually to a corresponding RelyingPartyRegistration?

Is the discontinued spring-security-saml extension still the way to go? It appears to have a more complete set of features, and can parse metadata xml (which is one of the first things I'd expect...)

It's quite hard to find information that is relevant at this specific date.

Thanks


Solution

  • Support for "configuration by Asserting Party Metadata endpoint" was added in Spring Security 5.4.0: https://docs.spring.io/spring-security/site/docs/5.4.0/reference/html5/#servlet-saml2login-relyingpartyregistration
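
An added example, not part of the original answer or Spring Security's own code: a relying-party configuration for Spring Security 5.4+ that builds the `RelyingPartyRegistration` from the IdP's metadata endpoint instead of converting the XML by hand. The metadata URL, the registration id and the class name are placeholders chosen for illustration; the HTTPS and certificate checks are extra hardening, not something the library requires.

```java
import java.net.URI;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrations;

@Configuration
public class Saml2RelyingPartyConfig {

    // Placeholder values (assumptions): use your IdP's metadata URL and your own id.
    private static final String IDP_METADATA_URL = "https://idp.example.com/saml/metadata";
    private static final String REGISTRATION_ID = "example-idp";

    @Bean
    public RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() {
        // The metadata supplies the IdP's signing certificates, so it is a trust
        // anchor: refuse to fetch it over anything but TLS.
        if (!"https".equalsIgnoreCase(URI.create(IDP_METADATA_URL).getScheme())) {
            throw new IllegalStateException("IdP metadata must be loaded over https");
        }

        // Fetches and parses the IdP metadata XML (entity ID, SSO endpoint,
        // signing certificates) into a registration builder.
        RelyingPartyRegistration registration = RelyingPartyRegistrations
                .fromMetadataLocation(IDP_METADATA_URL)
                .registrationId(REGISTRATION_ID)
                .build();

        RelyingPartyRegistration.AssertingPartyDetails idp =
                registration.getAssertingPartyDetails();

        // Fail at startup rather than run without a key to verify
        // response and assertion signatures against.
        if (idp.getVerificationX509Credentials().isEmpty()) {
            throw new IllegalStateException(
                    "No signing certificate in metadata for " + idp.getEntityId());
        }

        return new InMemoryRelyingPartyRegistrationRepository(registration);
    }
}
```

The metadata is read once when the bean is created, so a certificate rotation on the IdP side takes effect only after the application restarts.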