Skip to content

Commit

Permalink
Allow overriding maxAuthenticationAge (#861) (#865)
Browse files Browse the repository at this point in the history
  • Loading branch information
@spinnakerbot @ezimanyi
spinnakerbot authored and ezimanyi committed Aug 9, 2019
1 parent 193c7b9 commit 0743b2c
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions gate-saml/src/main/groovy/com/netflix/spinnaker/gate/security/saml/SamlSsoConfig.groovy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.core.userdetails.UsernameNotFoundException
import org.springframework.security.extensions.saml2.config.SAMLConfigurer
import org.springframework.security.saml.websso.WebSSOProfileConsumerImpl
import org.springframework.security.saml.SAMLCredential
import org.springframework.security.saml.userdetails.SAMLUserDetailsService
import org.springframework.security.web.authentication.RememberMeServices
Expand Down Expand Up @@ -89,6 +90,7 @@ class SamlSsoConfig extends WebSecurityConfigurerAdapter {

List<String> requiredRoles
UserAttributeMapping userAttributeMapping = new UserAttributeMapping()
long maxAuthenticationAge = 7200

/**
* Ensure that the keystore exists and can be accessed with the given keyStorePassword and keyStoreAliasName
Expand Down Expand Up @@ -149,6 +151,7 @@ class SamlSsoConfig extends WebSecurityConfigurerAdapter {
.metadataFilePath(samlSecurityConfigProperties.metadataUrl)
.discoveryEnabled(false)
.and()
.webSSOProfileConsumer(getWebSSOProfileConsumerImpl())
.serviceProvider()
.entityId(samlSecurityConfigProperties.issuerId)
.protocol(samlSecurityConfigProperties.redirectProtocol)
Expand All @@ -170,6 +173,12 @@ class SamlSsoConfig extends WebSecurityConfigurerAdapter {
authConfig.configure(web)
}

public WebSSOProfileConsumerImpl getWebSSOProfileConsumerImpl() {
WebSSOProfileConsumerImpl profileConsumer = new WebSSOProfileConsumerImpl();
profileConsumer.setMaxAuthenticationAge(samlSecurityConfigProperties.maxAuthenticationAge);
return profileConsumer;
}

@Bean
public RememberMeServices rememberMeServices(UserDetailsService userDetailsService) {
TokenBasedRememberMeServices rememberMeServices = new TokenBasedRememberMeServices("password", userDetailsService)
Expand Down

0 comments on commit 0743b2c

Please sign in to comment.