Class CacheSaml2AuthenticationRequestRepository

java.lang.Object
org.springframework.security.saml2.provider.service.web.CacheSaml2AuthenticationRequestRepository
All Implemented Interfaces:
Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest>

public final class CacheSaml2AuthenticationRequestRepository extends Object implements Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest>
A cache-based Saml2AuthenticationRequestRepository. This can be handy when you are dropping requests due to using SameSite=Strict and the previous session is lost.

On the other hand, this presents a tradeoff where the application can only tell that the given authentication request was created by this application, but cannot guarantee that it was for the user trying to log in. Please see the reference for details.

Since:
6.5