spring-security, saml-2.0, spring-saml

Spring Security SAML2 service provider - RelyingPartyRegistration.entityId() vs RelyingPartyRegistration.assertingPartyDetails(c -> c.entityId())


Small question regarding Spring Security SAML2 please.

To narrow the scope, the question is regarding:

    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-saml2-service-provider</artifactId>
        <version>5.5.0</version>
    </dependency>

I am coming from an older version, where the APIs are deprecated.

The new version of RelyingPartyRegistration seems to have two entityId values, which is a bit confusing. Which one is which, please?

    return RelyingPartyRegistration.withRegistrationId(registrationId)
            .entityId(entityId)
            .assertingPartyDetails(details -> details.entityId(entityId))
            .build();

Looking at this piece of code, entityId is present twice.

What are the differences, please?

Thank you


Solution

  • The RelyingPartyRegistration.withRegistrationId(registrationId).entityId(entityId) represents the entity id registered on the identity provider. It is the identifier by which the identity provider knows your app.

    The .assertingPartyDetails(details -> details.entityId(entityId)) is the URL of the entity provider website.
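
As an added example (not part of the original answer, and not Spring Security's own sample code), this configuration gives the two entity IDs distinct values and notes in comments where each one is checked during a SAML login. The registration id, all URLs and the `idp-signing.crt` classpath file are constructed placeholders.

```java
import java.io.InputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import org.springframework.security.saml2.core.Saml2X509Credential;
import org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;

@Configuration
public class SamlRegistrationConfig {

    // Constructed placeholder values (assumptions, not taken from the page).
    private static final String SP_ENTITY_ID = "https://sp.example.com/saml2/service-provider-metadata/example-idp";
    private static final String IDP_ENTITY_ID = "https://idp.example.org/metadata";
    private static final String IDP_SSO_URL = "https://idp.example.org/sso";

    @Bean
    RelyingPartyRegistrationRepository relyingPartyRegistrations() throws Exception {
        X509Certificate idpCert = loadCertificate("idp-signing.crt"); // hypothetical file name
        RelyingPartyRegistration registration = RelyingPartyRegistration
                .withRegistrationId("example-idp")
                // This application's (service provider's) identifier: sent as the Issuer of
                // the AuthnRequest and expected in the assertion's Audience restriction.
                .entityId(SP_ENTITY_ID)
                .assertingPartyDetails(party -> party
                        // The identity provider's identifier: the Issuer of an incoming
                        // response and assertion is compared against this value.
                        .entityId(IDP_ENTITY_ID)
                        .singleSignOnServiceLocation(IDP_SSO_URL)
                        // Certificate used to verify the identity provider's signatures.
                        .verificationX509Credentials(c -> c.add(Saml2X509Credential.verification(idpCert))))
                .build();
        return new InMemoryRelyingPartyRegistrationRepository(registration);
    }

    // Reads a PEM or DER encoded X.509 certificate from the classpath.
    private static X509Certificate loadCertificate(String classpathLocation) throws Exception {
        try (InputStream in = new ClassPathResource(classpathLocation).getInputStream()) {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
    }
}
```

Passing the same string to both `entityId` calls, as in the question's snippet, makes the expected response Issuer identical to the application's own identifier, so responses from an identity provider that uses its own entity ID would fail issuer validation.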