Handling SAML Redirects on AJAX Requests
The bean responsible for initialization of authentication and decision to return an HTTP error, perform a redirect, ... is an instance of AuthenticationEntryPoint
. To change its behavior you can either:
- customize the current
SAMLEntryPoint
(extend thecommence
method) and override the default behavior in case request is an AJAX call from Angular, so it returns an HTTP error instead of performing redirect to IDP - or define another
security:http
element in your Spring context (before the current one) which only covers your AJAX requests (e.g. with attributepattern="/api/**"
) and uses an entry point which behaves in the way you want (seeHttp403ForbiddenEntryPoint
)