Question

I've recently started reading about SAML and am trying to implement something similar to Spring's SAML sample project in my existing Java application (so please spare me if I ask something stupid!). My existing application has a Login.jsp which asks for user credentials and does the validation accordingly to log in. I would like to implement the idea of SSO for my application. So to start with, I've understood the Spring SAML sample project quite well. In its SecurityContext.xml the samlIDPDiscovery bean is configured as:

<!-- IDP Discovery Service -->
<bean id="samlIDPDiscovery" class="org.springframework.security.saml.SAMLDiscovery">
    <property name="idpSelectionPath" value="/WEB-INF/security/idpSelection.jsp"/>
</bean>

The idpSelection.jsp has the following HTML code:

<h1>IDP selection</h1>

<%
WebApplicationContext context = WebApplicationContextUtils.getWebApplicationContext(getServletConfig().getServletContext());
MetadataManager mm = context.getBean("metadata", MetadataManager.class);
Set<String> idps = mm.getIDPEntityNames();
pageContext.setAttribute("idp", idps);
%>

<p>
<form action="<c:url value="${requestScope.idpDiscoReturnURL}"/>" method="GET">
<table>
    <tr>
        <td><b>Select IDP: </b></td>
        <td>
            <c:forEach var="idpItem" items="${idp}">
                <input type="radio" name="${requestScope.idpDiscoReturnParam}" id="idp_<c:out value="${idpItem}"/>" value="<c:out value="${idpItem}"/>"/>
                <label for="idp_<c:out value="${idpItem}"/>"><c:out value="${idpItem}"/></label>
                <br/>
            </c:forEach>
        </td>
    </tr>
    <tr>
        <td>&nbsp;</td>
        <td><input type="submit" value="Login"/></td>
    </tr>
</table>
</form>
</p>

<p>
<a href="<c:url value="/saml/web/metadata"/>">Metadata information</a>
</p>

<%
response.sendRedirect("http://localhost:6443/spring-saml/saml/login/alias/defaultAlias?idp=http%3A%2F%2Fidp.ssocircle.com");
%>

So if I want to implement something similar to the above by making appropriate changes to my Login.jsp and securityContext.xml for selecting the appropriate IdP and redirecting to the selected IdP's landing page on clicking login, how should I proceed? I've been trying to do this for a long time but I couldn't. Any help is highly appreciated.

Solution

As long as you're configuring your application based on the Spring SAML sample application, you can simply redirect the user to scheme://host:port/context/saml/login?idp=entityId, where entityId can be found in your IDP's metadata. This will automatically start the SSO process and skip the discovery.
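
An added example, not part of the original answer or the Spring SAML sample: one way to turn the IdP chosen on a login page into the redirect target described above, rejecting any entity ID that is not in the configured set and URL-encoding the value. The class and method names are hypothetical; `knownIdps` stands in for the result of `MetadataManager.getIDPEntityNames()`, and the returned string is what would be passed to `response.sendRedirect(...)`.

```java
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Set;

// Hypothetical helper; names are assumptions, not Spring SAML API.
public class SamlLoginRedirect {

    /**
     * Builds the context-relative SSO entry URL for the chosen IdP.
     *
     * @param contextPath web application context path, e.g. "/spring-saml"
     * @param selectedIdp entity ID submitted from the login form (untrusted input)
     * @param knownIdps   entity IDs present in the loaded IdP metadata
     */
    static String buildLoginUrl(String contextPath, String selectedIdp, Set<String> knownIdps) {
        // Only redirect for an IdP that is actually configured in metadata;
        // never echo an arbitrary request parameter into the redirect.
        if (selectedIdp == null || !knownIdps.contains(selectedIdp)) {
            throw new IllegalArgumentException("Unknown IdP entity ID");
        }
        // Entity IDs are usually URLs, so they must be encoded as a query value.
        String encoded = URLEncoder.encode(selectedIdp, StandardCharsets.UTF_8);
        return contextPath + "/saml/login?idp=" + encoded;
    }

    public static void main(String[] args) {
        // Constructed sample set; in the application this comes from the metadata manager.
        Set<String> knownIdps = Set.of("http://idp.ssocircle.com");

        System.out.println(buildLoginUrl("/spring-saml", "http://idp.ssocircle.com", knownIdps));

        try {
            buildLoginUrl("/spring-saml", "http://unknown.example", knownIdps);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```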

Licensed under: CC-BY-SA with attribution