I’ve been struggling to get OneLogin integration working in Bloomreach 14.6.0. I have a feeling that I am using the wrong dependencies .
I added the following to my cms/pom.xml:
groupId: org.springframework.security.extensions
artifactId: spring-security-saml2-core
version: 1.0.10.RELEASE
groupId: xerces
artifactid: xercesImpl
version: 2.12.0
groupId: ca.juliusdavies
artifactid: not-yet-commons-ssl
version: 0.3.9
groupId: org.springframework.security
artifactid: spring-security-core
version: 5.5.0
groupId: org.springframework.security
artifactId: spring-security-web
version: 5.5.0
groupId: org.springframework.security
artifactId: spring-security-config
version: 5.5.0
groupId: org.springframework.security
artifactId: spring-security-taglibs
version: 5.5.0
I updated web.xml to add the following:
<context-param>
<description>Contains the security details for SAML and SSO</description>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/securityContext.xml
</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>com.audacy.common.saml.OptionalDelegatingFilterProxy</filter-class>
</filter>
<filter>
<filter-name>SSOLoginFilter</filter-name>
<filter-class>com.audacy.common.saml.SSOLoginFilter</filter-class>
<init-param>
<param-name>prefixExclusions</param-name>
<param-value>/angular, /logging, /skin, /ckeditor, /ping, /xinha, /status, /ws</param-value>
</init-param>
<init-param>
<param-name>suffixExclusions</param-name>
<param-value>.gif, .jpg, .jpeg, .png, .jsp, .js, .css, .less</param-value>
</init-param>
<init-param>
<param-name>disabled</param-name>
<param-value>${saml.disabled}</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>SSOLoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
The current issue that I’m facing is:
Caused by: java.lang.IllegalStateException: Duplicate Filter registration for ‘springSecurityFilterChain’. Check to ensure the Filter is only configured once.
I’m not entirely sure that I’ve used the correct dependencies and when I remove “springSecurityFilterChain” from web.xml I get the error ‘no bean defined for “springFilterSecurityChain”’. If anyone has done a OneLogin integration with version 14.6.0 and has any advice it would be greatly appreciated. If you need any more information I would be happy to gather it for you