Stack Overflow
Stack Overflow

Questions tagged [spring-boot-security]

49 questions
0
votes
1 answer

I get Error 401 when I send a POST request to an excluded endpoint

I'm developing a web app where user can authenticate with OAuth2. In the web app there are a list of endpoints that are accessible only by sending requests (GET-POST-PUT-DELETE) including a valid token. Now I want to implement my web app by allowing…
Count
  • 9
  • 2
0
votes
1 answer

ReactiveOpaqueTokenResolver with webflux ResourceServer

I have my own OpaqueTokenResolver in Spring Boot (3.0.6). I'd like to make it reactive since I'm using webflux. This works: @Configuration @EnableWebSecurity public class CustomAuthoritiesOpaqueTokenIntrospector implements OpaqueTokenIntrospector { …
Benjamin Reed
  • 402
  • 1
  • 4
  • 11
0
votes
1 answer

Axios POST request returning 401 error but works on Postman. (Springboot + Springboot Security)

I'm building an API with Springboot and Springboot Security, alongside a frontend to interact with this API. I've tested all the endpoints which work fine in Postman, but when sending POST requests with Axios to the API (in my case, for the login…
hirw
  • 1
  • 1
0
votes
0 answers

Cannot set the Security Context WARN 37240 --- [nio-9988-exec-2] o.s.web.servlet.PageNotFound : No mapping for GET /swagger-ui/index.html

@Configuration public class SwaggerConfiguration { public static final String AUTHORIZATION_HEADER = "Authorization"; private static final String DEFAULT_INCLUDE_PATTERN = "/api/.*"; private ApiKey apiKeys() { return new…
Gagan Rana
  • 1
0
votes
0 answers

How to validate Authorization header with specific client in Spring Resource Server?

I have two spring boot services called Service1 and Service2. Service1 call API in Service2 along with the Authorization Header (JWT) which generated using org.springframework.boot:spring-boot-starter-oauth2-client with below configurations. …
Dush
  • 11
  • 2
0
votes
1 answer

How to configure custom security filters to trigger only for specific endpoints in a Spring Boot application with Spring Security?

I have a spring boot 3 application with spring security 6. I am having a hard time to understand how security filters work. I have for the moment 3 exposed endpoint /endpoint1, /endpoint2 and /endpoint3. I also have 2 filters Filter1.java and…
hajjoujti
  • 3
  • 3
0
votes
0 answers

Two different Rest Api Spring Boot and 1 Login

I am trying to make 2 apps login with 1 auth. My App number one gonna provide JWT token in cookie and I want that my app number 2 use that cookie to serve @PreAUthrize. I have full functionality in my first App, but honestly I have no clue how to…
Mykyta Ryasny
  • 21
  • 5
0
votes
1 answer

Adding SSL certificate to cacerts file inside Spring-Boot container

I have a Spring Boot application that I use as docker container on my server. To generate docker image I run the maven plugin using the buildpack. mvn spring-boot:build-image -Dspring-boot.build-image.imageName="csm-security" To start the container…
Aldo Inácio da Silva
  • 824
  • 2
  • 14
  • 38
0
votes
0 answers

Which spring-boot-starter-security supports @EnableWebSecurity and @Preauthorize annotation?

I need version of spring-boot-starter-security supports @EnableWebSecurity and @Preauthorize annotation?
Dharmin Patel
  • 11
  • 3
0
votes
0 answers

After springboot 3.0 upgrade facing error: Scope 'request' is not active for the current thread when a rest endpoint is called

I have a Java Rest application written using springboot 2.x. I have upgraded it to java 17 and springboot 3. The application starts fine after upgrade. Application start up success message But when I hit an endpoint using Postman, I get following…
shishu suman
  • 1
  • 3
0
votes
1 answer

Trouble retrieving user roles from MongoDB for Spring Boot app with Spring Security

I'm working on a Spring Boot app with Spring Security and MongoDB, but I'm having trouble getting user roles from the database to display in the UserDetails object. The roles field is always empty, despite confirming the roles are stored properly.…
ABAB
  • 25
  • 5
0
votes
1 answer

authenticationEntryPoint won't work for permit() http method with credentials submitted

@Override protected void configure(HttpSecurity httpSecurity) throws Exception { // @formatter:off httpSecurity .csrf() .disable() .authorizeRequests() …
emoleumassi
  • 4,881
  • 13
  • 67
  • 93
0
votes
0 answers

SecurityContextHolder returns null using custom LogoutHandler

The use case is to store the user name/id in a database, when logging out. When trying to retrieve the username from the context, I will receive always null. In Debug mode I evaluated this line in CustomLogoutHandler via my IDE (not in the code of…
Semo
  • 783
  • 2
  • 17
  • 38
0
votes
1 answer

How to create an integration test for a Spring Boot controller using MockMvc and Spring Security filters?

I have a Spring Boot application that uses Spring Security to protect routes. Every time a user tries to access an endpoint, it goes through a security filter to authenticate the user. Now, I would like to create an integration test for a controller…
Nathan
  • 45
  • 1
  • 6
0
votes
1 answer

Spring Boot 3 - Validate JWT token using RSA256 public key

Using the new Spring-Security-Web starting with 6.0.0, I wanted to know how to validate a Bearer JWT using a RS256 public key and set the "Authentication" in the Spring Security Servlet Context. Currently I've written a custom JwtTokenFilter which…
nonNumericalFloat
  • 1,348
  • 2
  • 15
  • 32
1
2
3 4