Stack Overflow
Stack Overflow

Questions tagged [spring-boot-security]

49 questions
0
votes
0 answers

Spring security authentication builder incorrect LDAP postfix

I am working on a Spring Boot project that handles security through Spring Boot's security module and authenticates users through an Active Directory using LDAP. However, every single time I try to log in it uses the incorrect baseDN. The baseDN I…
Guusda
  • 7
  • 3
0
votes
0 answers

Spring REST API same path /api/ need to authenticated either with Okta Oauth2.0 or basic authentication

I have a scenario where I need to give access to /api/* REST API when requested with Okta Oauth2.0 token. Due to some use cases, I need to provide basic authentication due to some limitation for the same REST api /api/* Scenario 1: user/system will…
jpa
  • 1
  • 1
0
votes
1 answer

How to handle OAuth2AuthenticationException: Client authentication failed: client_id in Spring Security

I'm implementing new Spring Authorization server (spring-security-oauth2-authorization-server version 1.0.0). I have created following two classes to handle exceptions: public class RestExceptionTranslationFilter implements…
dplesa
  • 1,355
  • 6
  • 23
  • 56
0
votes
0 answers

SpringBoot 2.7.8 Infinity loop authenticate on BadCredentialsException while use ActiveDirectoryLdapAuthenticationProvider

Need Help! Loop with stackowerflow only while unsuccessful authorization via AD 1 authenticate: 201, ProviderManager (org.springframework.security.authentication) [5] @Bean public ActiveDirectoryLdapAuthenticationProvider…
Dmitry Evgrafoov
  • 13
  • 1
  • 2
0
votes
0 answers

Spring Security Context Authentication is null

i am trying to add couple of filters in my request processing in spring boot security config. Below is my code @EnableWebSecurity @Configuration public class JwtSecurityConfiguration { @Bean public SecurityFilterChain…
saurav
  • 5,388
  • 10
  • 56
  • 101
0
votes
0 answers

Spring boot OAuth 2 resource server + JWT filter backup authentication method

I'm working on a spring boot project with an OAuth2 resource server authentication method, the access token is verified on the authorization server. This application provides also an endpoint to get a token signed by itself. I would like to provide…
Gianni Azizi
  • 222
  • 1
  • 9
0
votes
0 answers

How to request authentication to all routes except welcome which has to be the login page in Spring Boot

I want to request authentication to all available routes except one "/welcome" which has to be the login page too! I'm using Spring Boot Security and my SecurityFilterChain is coded like this: @Configuration public class AppConfig { @Bean …
ctrlmaniac
  • 404
  • 4
  • 13
  • 28
0
votes
0 answers

Spring boot 3 CORS issues with Angular 14

I have a Springboot 3 API which is on production. Whenever i try to do an API request to one of my endpoints, it gives me a CORS error: Access to XMLHttpRequest at '(API_LINK)' from origin '(Hosted_Front-end)' has been blocked by CORS policy: Cross…
Shibal
  • 9
  • 1
0
votes
1 answer

How to test http status code 401 (unauthenticated) with MockMVC and Spring Boot OAuth2 Resource Server?

I am currently developing a Spring Boot 3 application which provides a REST API. To consume this API, users have to be authenticated via an OAuth2 workflow of our identity provider keycloak. Therefore, I have used…
LucasMoody
  • 403
  • 4
  • 10
0
votes
1 answer

Authenticate Keycloak JWT token outside Spring Boot filter chain

I have a web application (Spring Boot + Angular). The backend authentication is implemented using Keycloak (JWT). I need to create a GraphQL subscription using Apollo and the subscription should be authenticated/authorized. The subscription is using…
Achaad
  • 21
  • 2
  • 6
0
votes
1 answer

All exceptions are converted to HTTP 401 on public endpoints

i have problem on spring boot starter security V3.0.0 For this configuration : @Bean public SecurityFilterChain filterChain( final HttpSecurity http ) throws Exception { http .cors().and().csrf().disable() …
Romain Lavabre
  • 121
  • 6
0
votes
1 answer

How to secure specific URL with filter?

I want to secure only few specific endpoints and if any request comes to secured endpoint I want to apply filter on that. This is what I have tried as of now: http .csrf().disable() .addFilterAfter((Filter) MyFilter,…
ngi
  • 51
  • 5
0
votes
1 answer

Springboot security issue when deploying war on tomcat

I have a springboot application that I can run locally with no issues with authentication. However when I run this build in a WAR and on a tomcat server the behavior is different. It seems that the filterchain is not being triggered, can someone…
Jan Verhagen
  • 79
  • 7
0
votes
0 answers

"retrieveUser returned null - a violation of the interface contract" in springboot security when authentication

I am new to springboot security and i am trying write the signup function.My approach is to save the user and then pass the data to the autheicationmanager,but the went in here and it return null and the above error occur. token service: public…
user20112858
  • 79
  • 1
  • 6
0
votes
1 answer

How to make the authentication info available in a springboot websocket request?

When processing a websocket request in a controller SecurityContextHolder.getContext().getAuthentication() returns null. But I need to know which user is making the request. What was tried so far: Google pointed me towards solutions implementing…
tbeernot
  • 2,473
  • 4
  • 24
  • 31
1 2
3
4