I am securing my java application using Keycloak saml for that I am using SamlFilter but after successful login it is just continuous redirecting it again and again in loop. My keycloak-saml.xml file:
<filter>
<filter-name>APP</filter-name>
<filter-class>org.keycloak.adapters.saml.servlet.SamlFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>APP</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Also added keycloal-saml.xml file in WEB-INF folder as below:
<keycloak-saml-adapter>
<SP entityID="Sample"
sslPolicy="EXTERNAL"
logoutPage="logout">
<Keys>
<Key signing="true">
<PrivateKeyPem>
<!-- Private Key -->
</PrivateKeyPem>
<CertificatePem>
<!-- Certi Key -->
</CertificatePem>
</Key>
</Keys>
<IDP entityID="idp"
signatureAlgorithm="RSA_SHA256"
signatureCanonicalizationMethod="http://www.w3.org/2001/10/xml-exc-c14n#"
metadataUrl="http://localhost:8280/realms/IDP_REALM/protocol/saml/descriptor">
<SingleSignOnService signRequest="true"
validateResponseSignature="true"
validateAssertionSignature="false"
requestBinding="POST"
bindingUrl="http://localhost:8280/realms/IDP_REALM/protocol/saml"/>
<SingleLogoutService signRequest="true"
signResponse="true"
validateRequestSignature="true"
validateResponseSignature="true"
requestBinding="POST"
responseBinding="POST"
postBindingUrl="http://localhost:8280/realms/IDP_REALM/protocol/saml"
redirectBindingUrl="http://localhost:8280/realms/IDP_REALM/protocol/saml"/>
<Keys>
<Key signing="true">
<KeyStore resource="/WEB-INF/keystore.jks" password="store123">
<Certificate alias="Sample"/>
</KeyStore>
</Key>
</Keys>
</IDP>
</SP>
And keycloak setting is as below:
But after login it keycloak redirects to my application but my application again redirects to Keycloak and it shows below message and this happening in loop:
I know there must some setting is missing.