From 3954f12c0b3914c425c08a8908c85a7387deac64 Mon Sep 17 00:00:00 2001 From: Choon-Chern Lim Date: Tue, 8 Mar 2016 07:37:05 -0600 Subject: [PATCH] doc --- README.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 611c276..04068bc 100644 --- a/README.md +++ b/README.md @@ -91,15 +91,15 @@ class AppSecurityConfig extends SAMLWebSecurityConfigurerAdapter { |Property |Required? |Description | |---------------------------|----------|----------------------------------------------------------------------------------------------------------| |adfsHostName |Yes |ADFS host name without HTTPS protocol.

If ADFS link is `https://idp-adfs-server/adfs/ls`, the value should be `idp-adfs-server`.| -|keyStoreResource |Yes |Keystore containing app's public/private key and ADFS' certificate with public key. | -|keystoreAlias |Yes |Keystore alias. | -|keystorePassword |Yes |Keystore password. | -|keystorePrivateKeyPassword |Yes |Keystore private key password. | +|keyStoreResource |Yes |App's keystore containing its public/private key and ADFS' certificate with public key. | +|keystoreAlias |Yes |Alias of app's public/private key pair. | +|keystorePassword |Yes |Password to access app's keystore. | +|keystorePrivateKeyPassword |Yes |Password to access app's private key. | |successLoginDefaultUrl |Yes |Where to redirect user on successful login if no saved request is found in the session. | |successLogoutUrl |Yes |Where to redirect user on successful logout. | -|failedLoginDefaultUrl |No |Where to redirect user on failed login. This value is set to null, which returns 401 error code on failed login. But, in theory, this will never be used because IdP will handled the failed login on IdP login page.

Default is `''`, which return 401 error code.| -|samlUserDetailsService |No |For configuring user authorities if needed.

Default is `null`. | -|authnContexts |No |Determine what authentication methods to use. To use the order of authentication methods defined by IdP, set as empty set. To enable Windows Integrated Auth (WIA) cross browsers and OSes, use `CustomAuthnContext.WINDOWS_INTEGRATED_AUTHN_CTX`.

Default is `AuthnContext.PASSWORD_AUTHN_CTX` where IdP login page is displayed to obtain user/password.| +|failedLoginDefaultUrl |No |Where to redirect user on failed login. This value is set to null, which returns 401 error code on failed login. But, in theory, this will never be used because IdP will handled the failed login on IdP login page.

Default is `''`, which return 401 error code.| +|samlUserDetailsService |No |For configuring user authorities (ex: `ROLE_*`) if needed.

Default is `null`. | +|authnContexts |No |Determine what authentication methods to use. To use the order of authentication methods defined by IdP, set as empty set. To enable Windows Integrated Auth (WIA) cross browsers and OSes, use `CustomAuthnContext.WINDOWS_INTEGRATED_AUTHN_CTX`.

Default is `AuthnContext.PASSWORD_AUTHN_CTX` where IdP login page is displayed to obtain user/password.| ## Important SAML Endpoints