1

I have a grails 3 application where authentication is done by Siteminder. After the user is authenticated we should be able to generate a JWT token and using that other rest apis call be protected. I have used RequestHeaderAuthenticationFilter to authenticate the request header. Can anyone help in integrating JWT token in this scenario.

Thanks is advance

Anna
  • 83
  • 2
  • 7
  • `authentication is done by Siteminder` is there any links or specifications around this - typically grails applications authenticate with spring security or apache shiro - I have used this: https://github.com/grails-samples/grails-spring-security-rest-groovy-client to produce auth with custom api and spring security – V H Feb 04 '19 at 16:13
  • I am using pre-authenticated scenario of Spring security. https://docs.spring.io/spring-security/site/docs/3.0.x/reference/preauth.html. After authentication Siteminder will not generate a token. So I have to generate one in my application. I came across of JWT in spring security. but confused how to use that in preauthenticated scenario. – Anna Feb 05 '19 at 07:42
  • using spring-security-rest plugin you can send jwt token from as an example front end js app such as vuejs react to backend and process request via the token which represents the connection with each request the user sends - they also send their token - https://github.com/vahidhedayati/grails-vue-springsecurity-demo - Not really related to pre-authenticated scenario - not quite sure how that works. There is a java version of above (first comment link) I have managed to use above code to receive jwt token and authenticate process request in a custom made api previously - – V H Feb 05 '19 at 09:15

1 Answers1

1

I achieved it by using a custom token generator which is called after the request header authentication and saved the token in http response header. Created a custom rest token validation filter to validate the token in API calls

Anna
  • 83
  • 2
  • 7