Summary

I want to know how to set up the relay state with the new SAML library. Basically once I am authenticated via the asserting party, I want to have a relay state URL (a JSP in my application), where I should land. In the SAML extensions library, as far as I know, the relay state URL was set in the SAMLMessageContext object.

Actual Behaviour

The mechanism of setting the page where I would be redirected to after SAML login has changed. I am not sure how to set the desired JSP where I want to land in the new library.

Expected behavior

After the call to the assertionConsumerServiceLocation in my application, I should be taken to a URL configured by me (Relaystate). I need help in configuring this URL.

Comment From: akhil-lm

I am trying to set up the relay state like this :-

    @Bean
    Saml2AuthenticationRequestResolver authenticationRequestResolver(
            RelyingPartyRegistrationResolver registrations) {
        OpenSaml4AuthenticationRequestResolver authenticationRequests =
                new OpenSaml4AuthenticationRequestResolver(registrations);
        authenticationRequests.setRelayStateResolver(relayStateResolver);
        return authenticationRequests;
    }

I have defined the relayStateResolver like the following :-

    private Converter<HttpServletRequest, String> relayStateResolver = (request) -> "my_desired_jsp_url_string";

Are my above configurations correct, and would they help me in landing on the desired JSP page after successful login?

Currently, this is the error I am facing with the above implementation :-

    Jan 03, 2023 5:54:28 AM org.apache.catalina.core.StandardWrapperValve invoke
    SEVERE: Servlet.service() for servlet [dispatcher] in context with path [/santaba] threw exception [Filter execution threw an exception] with root cause
    java.lang.NoSuchMethodError: org.opensaml.saml.saml2.core.AuthnRequest.setIssueInstant(Ljava/time/Instant;)V
        at org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver.lambda$resolve$1(OpenSaml4AuthenticationRequestResolver.java:60)
        at org.springframework.security.saml2.provider.service.web.authentication.OpenSamlAuthenticationRequestResolver.resolve(OpenSamlAuthenticationRequestResolver.java:133)
        at org.springframework.security.saml2.provider.service.web.authentication.OpenSaml4AuthenticationRequestResolver.resolve(OpenSaml4AuthenticationRequestResolver.java:59)
        at org.springframework.security.saml2.provider.service.web.Saml2WebSsoAuthenticationRequestFilter.doFilterInternal(Saml2WebSsoAuthenticationRequestFilter.java:184)
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)

Comment From: jzheaux

Thanks for getting in touch, @akhil-lm! It feels like this is a question that would be better suited to Stack Overflow. We prefer to use GitHub issues only for bugs and enhancements. Feel free to update this issue with a link to the re-posted question (so that other people can find it) or add more detail if you feel this is a genuine bug.

Comment From: akhil-lm

Hi @jzheaux, Thanks. I've posted this question on Stack Overflow under the spring-security tag :- https://stackoverflow.com/questions/75028135/configure-the-landing-page-after-sso-authentication

Request your help and inputs on this.

Comment From: akhil-lm

Hi @marcusdacoregio, I want to land on my index.jsp url after the single sign on via the IdP, and I tried my best to use the relayState configuration for the same :-

My relaystate resolver :-

    private Converter<HttpServletRequest, String> relayStateResolver = (request) -> POST_LOGIN_RELAYSTATE_URI;

where POST_LOGIN_RELAYSTATE_URI is my desired index.jsp.

My configurations in the SecurityConfiguration.java :-

    @Bean
    RelyingPartyRegistrationResolver registrations() throws Exception {
        RelyingPartyRegistrationResolver relyingPartyRegistrationResolver =
                new DefaultRelyingPartyRegistrationResolver(relyingPartyRegistrations());
        return relyingPartyRegistrationResolver;
    }

    @Bean
    Saml2AuthenticationRequestResolver authenticationRequestResolver(
            RelyingPartyRegistrationResolver registrations) {
        OpenSaml4AuthenticationRequestResolver authenticationRequests =
                new OpenSaml4AuthenticationRequestResolver(registrations);
        authenticationRequests.setRelayStateResolver(resolveCustomRelayState());
        return authenticationRequests;
    }

    private Converter<HttpServletRequest, String> resolveCustomRelayState() {
        return relayStateResolver;
    }

But despite the above configurations, I am unable to go successfully to the desired URL.

Could you please help me in identifying what configuration I'm lacking? To summarise, after signing in via Okta to my application portal, the configured 'index.jsp' is where I want to be taken to. I've been stuck with this for some time, so request your inputs on this.

Comment From: jzheaux

I commented on https://stackoverflow.com/a/75149334/2243324

Comment From: akhil-lm

Hi @jzheaux, thanks so much for your reply. I'll try out the suggestion in the answer. Thanks.