diff --git a/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java b/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java index 19a935d23..2919cf8ae 100644 --- a/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java +++ b/src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java @@ -66,7 +66,6 @@ import stirling.software.SPDF.config.security.saml2.CertificateUtils; import stirling.software.SPDF.config.security.saml2.CustomSaml2AuthenticationFailureHandler; import stirling.software.SPDF.config.security.saml2.CustomSaml2AuthenticationSuccessHandler; import stirling.software.SPDF.config.security.saml2.CustomSaml2ResponseAuthenticationConverter; -import stirling.software.SPDF.config.security.saml2.SamlDebugFilter; import stirling.software.SPDF.config.security.session.SessionPersistentRegistry; import stirling.software.SPDF.model.ApplicationProperties; import stirling.software.SPDF.model.ApplicationProperties.Security.OAUTH2; @@ -105,8 +104,7 @@ public class SecurityConfiguration { @Autowired private FirstLoginFilter firstLoginFilter; @Autowired private SessionPersistentRegistry sessionRegistry; - @Autowired - private SamlDebugFilter samlDebugFilter; + @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { @@ -284,49 +282,12 @@ public class SecurityConfiguration { new CustomSaml2AuthenticationFailureHandler()) .permitAll(); } catch (Exception e) { - // TODO Auto-generated catch block e.printStackTrace(); } - }).addFilterBefore(samlDebugFilter, SecurityContextHolderFilter.class) + }) .saml2Logout(logout -> logout .logoutUrl("/logout")) ; - - http.addFilterBefore(new OncePerRequestFilter() { - @Override - protected void doFilterInternal(HttpServletRequest request, - HttpServletResponse response, FilterChain chain) - throws ServletException, IOException { - - if (request.getRequestURI().contains("/saml2/authenticate")) { - log.info("SAML Auth Request - URI: " + request.getRequestURI()); - log.info("SAML Auth Request - Method: " + request.getMethod()); - log.info("SAML Auth Request - Query String: " + request.getQueryString()); - - // Log all request parameters - request.getParameterMap().forEach((key, value) -> { - log.info("SAML Auth Request - Parameter - " + key + ": " + Arrays.toString(value)); - }); - - // Log request content if POST - if ("POST".equalsIgnoreCase(request.getMethod())) { - try { - BufferedReader reader = request.getReader(); - StringBuilder sb = new StringBuilder(); - String line; - while ((line = reader.readLine()) != null) { - sb.append(line); - } - log.info("SAML Auth Request - Body: " + sb.toString()); - } catch (Exception e) { - log.info("Could not read request body", e); - } - } - } - chain.doFilter(request, response); - } - }, Saml2WebSsoAuthenticationRequestFilter.class); - } } else { diff --git a/src/main/java/stirling/software/SPDF/config/security/saml2/SamlDebugFilter.java b/src/main/java/stirling/software/SPDF/config/security/saml2/SamlDebugFilter.java deleted file mode 100644 index db5f21fe8..000000000 --- a/src/main/java/stirling/software/SPDF/config/security/saml2/SamlDebugFilter.java +++ /dev/null @@ -1,31 +0,0 @@ -package stirling.software.SPDF.config.security.saml2; - -import java.io.IOException; -import java.util.Collections; - -import org.springframework.stereotype.Component; -import org.springframework.web.filter.OncePerRequestFilter; - -import jakarta.servlet.FilterChain; -import jakarta.servlet.ServletException; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; -import lombok.extern.slf4j.Slf4j; - -@Component -@Slf4j -public class SamlDebugFilter extends OncePerRequestFilter { - - @Override - protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) - throws ServletException, IOException { - if (request.getRequestURI().contains("/saml2/")) { - log.debug("SAML Debug - URI: {}", request.getRequestURI()); - log.debug("SAML Debug - Query String: {}", request.getQueryString()); - log.debug("SAML Debug - Method: {}", request.getMethod()); - Collections.list(request.getHeaderNames()).forEach(headerName -> - log.debug("SAML Debug - Header {}: {}", headerName, request.getHeader(headerName))); - } - filterChain.doFilter(request, response); - } -} \ No newline at end of file diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 4fb1f9546..f32d4f28d 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -3,9 +3,9 @@ multipart.enabled=true logging.level.org.springframework=WARN logging.level.org.hibernate=WARN logging.level.org.eclipse.jetty=WARN -logging.level.org.springframework.security.saml2=TRACE -logging.level.org.springframework.security=DEBUG -logging.level.org.opensaml: DEBUG +#logging.level.org.springframework.security.saml2=TRACE +#logging.level.org.springframework.security=DEBUG +#logging.level.org.opensaml: DEBUG logging.level.com.zaxxer.hikari=WARN spring.jpa.open-in-view=false