0

I am trying to implement a role management for in spring boot APIs. I went through the link but I could not get the below details 

1. Here they are using @Secured, I am not sure when actually role verification is called

Because there is a separate server which has the Role and Authorities details, Hence I want to call External Server to fetch the role and verify the Authorities ? here external server will give role details like userid and roles and allowed action like Delete, Create etc . 

2. how the username or userid is fetched while validating the access ?
scoder
  • 2,451
  • 4
  • 30
  • 70
  • 1. When the method with the @Secured annotation is called. 2. What type of "External server" do you have? – Simon Martinelli Jun 11 '19 at 13:40
  • here external server will give role details like userid and roles and allowed action like Delete, Create etc . – scoder Jun 11 '19 at 13:46
  • Yes but what it is I need to know? A Database, an Active Directory, SAML Provider or something else? – Simon Martinelli Jun 11 '19 at 13:53
  • Yes, it is data base.. I am using ldap for Authentication now need to add role management.. all the roles details are stored in data base. I can not access that db directly I have to access through mirco service call. Many of my micro services needs the role management – scoder Jun 11 '19 at 13:57
  • 1
    In that case you have to implement the UserDetailService to fetch the data. – Simon Martinelli Jun 11 '19 at 14:01
  • Is there any spring code example if I want to use LDAP only for both Authentication and Authorization .. ? – scoder Jun 12 '19 at 14:38

0 Answers0