Spring Security SAML SSO重定向到控制器

在IdP启动的设置中使用代码片段重定向到控制器（/ bootstrap / v1）：

public SavedRequestAwareAuthenticationSuccessHandler successRedirectHandler() {
    SavedRequestAwareAuthenticationSuccessHandler successRedirectHandler = new SavedRequestAwareAuthenticationSuccessHandler();
    successRedirectHandler.setDefaultTargetUrl("/bootstrap/v1");
    return successRedirectHandler;
}

控制器代码片段：

public class BootstrapController extends ParentController {

    @RequestMapping(value = "/v1", method = RequestMethod.POST)
    public ResponseEntity<BootstrapResponseDto> bootstrap(@RequestBody BootstrapRequestDto bootstrapRequestDto, @RequestHeader(value = "MAC-ADDRESS", required = false) String macAddress) {

        myAppUserDetails userDetails = SecurityContextUtils.getUserDetails();

        BootstrapResponseDto bootstrapResponseDto = new BootstrapResponseDto();

        // some app specific logic goes here...

        return new ResponseEntity<>(bootstrapResponseDto, HttpStatus.OK);
    }
}

调试级别日志片段：

11-29-2018 13:33:53 e7a5edb2-4051-4132-bad0-856d58af1c7d ZDJhMWExYWUtZTAxNy00NDQwLWJmOTctNzcyNTJlOWUyNmQ2 INFO http-nio-8080-exec-6 Spring Security Debugger：收到POST'/ saml / SSO'的请求：org.springframework . session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper@28cc5b21 servletPath：/ saml / SSO pathInfo：null headers：host：localhost：8080 user-agent：Mozilla / 5.0（Macintosh; Intel Mac OS X 10.13; rv：63.0）Gecko / 20100101 Firefox / 63.0接受：text / html，application / xhtml xml，application / xml; q = 0.9，/; q = 0.8 accept-language：en-US，en; q = 0.5 accept-encoding：gzip，deflate content-type ：应用/ X WWW的窗体-urlencoded内容长度：11320 DNT：1连接：保持活动的Cookie：JSESSIONID = ZDJhMWExYWUtZTAxNy00NDQwLWJmOTctNzcyNTJlOWUyNmQ2升级不安全-请求：1个安全过滤器链：[MetadataGeneratorFilter WebAsyncManagerIntegrationFilter SecurityContextPersistenceFilter CustomLogFilter HeaderWriterFilter LogoutFilter UsernamePasswordAuthenticationFilter BasicAut henticationFilter FilterChainProxy RequestCacheAwareFilter SecurityContextHolderAwareRequestFilter AnonymousAuthenticationFilter SessionManagementFilter ExceptionTranslationFilter FilterSecurityInterceptor] 11-29-2018 13:33:53 e7a5edb2-4051-4132-bad0-856d58af1c7d INFO http-nio-8080-exec-6 oocbsSAMLProtocolMessageXMLSignatureSecurityPolicyRule：协议消息签名验证成功，消息类型：{urn：oasis：names：tc：SAML：2.0：protocol}响应11-29-2018 13:33:53 e7a5edb2-4051-4132-bad0-856d58af1c7d ZDJhMWExYWUtZTAxNy00NDQwLWJmOTctNzcyNTJlOWUyNmQ2 INFO http-nio-8080-exec-7 Spring Security Debugger ：收到GET'/ bootstrap / v1'的请求：org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper@5f9e2aff servletPath：/ bootstrap / v1 pathInfo：null headers：host：localhost：8080 user-agent：Mozilla / 5.0 （Macintosh的;英特尔Mac OS X 10.13; rv：63.0）Gecko / 20100101 Firefox / 63.0接受：text / html，application / xhtml xml，application / xml; q = 0.9，/; q = 0.8 accept-language：en-US，en; q = 0.5 accept-encoding ：gzip的，放气DNT：1个连接：保持活动的cookie：JSESSIONID = ZDJhMWExYWUtZTAxNy00NDQwLWJmOTctNzcyNTJlOWUyNmQ2升级不安全，请求：1个安全过滤器链：[MetadataGeneratorFilter WebAsyncManagerIntegrationFilter SecurityContextPersistenceFilter CustomLogFilter HeaderWriterFilter LogoutFilter UsernamePasswordAuthenticationFilter BasicAuthenticationFilter一样的FilterChainProxy RequestCacheAwareFilter SecurityContextHolderAwareRequestFilter AnonymousAuthenticationFilter SessionManagementFilter的ExceptionTranslationFilter FilterSecurityInterceptor] 2018年11月29日13:33:53 e7a5edb2-4051-4132-bad0-856d58af1c7d WARN http-nio-8080-exec-7 oswsPageNotFound：不支持请求方法'GET'

ExpiringUsernameAuthenticationToken设置为返回：

org.springframework.security.providers.ExpiringUsernameAuthenticationToken@fee70636：校长：com . <my-company> .security.authentication . @ 325fcf8b;证书：[保护];认证：真实;细节：null;授权机构：authority_1，authority_2，authority_3，authority_4

所以，我猜测我的SAML验证和用户身份验证和授权是好的 .

似乎我面临的问题是HTTP GET无法正常工作 .

如何配置和提交HTTP POST？或者我应该重构我的控制器来处理行为（这可能会破坏基于表单的登录，这也是应用程序身份验证的一部分）？

HTTP Status 405 - Method Not Allowed Error