Spring Security SAML relying party logout filter is always ordered last

When configuring the SAML logout configuration the LogoutFilter is ordered last. It turns out that the org.springframework.security.config.annotation.web.configurers.saml2.Saml2LogoutConfigurer configures a standard org.springframework.security.web.authentication.logout.LogoutFilter and tries to order it before an already existing org.springframework.security.web.authentication.logout.LogoutFilter which doesn't have any effect and the added filter isn't ordered before the existing filter. My solution was to just extend the org.springframework.security.web.authentication.logout.LogoutFilter and add that instead so the ordering works.

Comment From: jzheaux

Thanks, @aspan! Closing in favor of https://github.com/spring-projects/spring-security/pull/14526