Stack Overflow
Stack Overflow

Questions tagged [spring-cloud-security]

Spring Cloud Security offers a set of primitives for building secure applications and services with minimum fuss. It is also extremely easy to use in a service platform like Cloud Foundry.

Building on Spring Boot and Spring Security OAuth2 we can quickly create systems that implement common patterns like single sign-on, token relay and token exchange.

46 questions
2
votes
0 answers

Eureka client Oauth2 How to use a fixed URL as User-info-uri when relaying an Oauth2 access token in a Resource Server

I'm writing a micro service as eureka client. I want to secure them using Oauth2 so I configured it as a ressource server. @SpringBootApplication @EnableEurekaClient @EnableResourceServer public class CustomerServiceApplication { public static void…
FabN
  • 21
  • 1
2
votes
1 answer

Microservice Architecture with UI and Auth Server

I am thinking in moving our monolithic company portal into micro services . To do so i need create a portal HTML UI that has some kind of redundancy so we don't go down during updates and also full spring security including roles and…
Shahbour
  • 1,323
  • 1
  • 16
  • 42
2
votes
0 answers

Spring Cloud Security Resource Server and JSON Vulnerability Protection

According to JSON Vulnerability Protection I prefix JSON responses: @Bean public MappingJackson2HttpMessageConverter mappingJackson2HttpMessageConverter() { MappingJackson2HttpMessageConverter converter = new…
Anton Bessonov
  • 9,208
  • 3
  • 35
  • 38
1
vote
0 answers

How can I use client_credentials to access another oauth2 resource from spring cloud gateway

I want to use client credentials flow to access an OAuth protected resource from spring cloud gateway There is no authentication needed to hit the gateway end point The resource is OAuth2 protected and I have to use client credentials flow Based on…
Rethesh
  • 13
  • 3
1
vote
0 answers

Spring Cloud Gateway POST Forbidden with CSRF enable

I want to enable CSRF in Spring Cloud Gateway with webflux. I have minimum configuration for that as described in…
Ms. Zia
  • 411
  • 3
  • 12
1
vote
0 answers

Connection refused - Could not fetch user details - when trying to access the Authentication Server

I want to point my Organization service to the Authentication server. When I am trying to call the following request: GET http://localhost:8082/v1/organizations/{{organizationId}} I am receiving the following…
Marina
  • 41
  • 6
1
vote
0 answers

How to get ServerWebExchange object in SecurityWebFilterChain bean

Hello Spring WebFlux community, I have implemented x509 based authentication in spring webflux security bean using below code: @Bean public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { ReactiveAuthenticationManager…
user2846382
  • 385
  • 1
  • 3
  • 16
1
vote
0 answers

Configure maven dependencies for Spring cloud

I want to create a Spring Cloud using spring-cloud-starter-parent. I tried this POM configuration: org.springframework.cloud spring-cloud-starter-parent
Peter Penzov
  • 1,126
  • 134
  • 430
  • 808
1
vote
1 answer

How to override the response body of AuthenticationFailure using AbstractPreAuthenticatedProcessingFilter?

I'm using a Custom Filter to make the request Authetincation. Configuring the AutheticationFailureHandler, I want put the message error content, but it is attached to a existent default content, my goal is put together on the same body or just a new…
Augusto
  • 3,825
  • 9
  • 45
  • 93
1
vote
1 answer

Spring Cloud Gateway with new Spring Security Oauth2 and Cognito

I'm trying to integrate a Spring Cloud Gateway (with WebFlux) and Amazon AWS Cognito. I spent almost a week and it is still not working. I want to authenticate users in a cognito user pool using authorization_code grant type. Here is my…
Rigoni
  • 302
  • 1
  • 5
  • 15
1
vote
2 answers

Spring cloud oauth 2 with ingress kubernetes

Is it possible to use spring cloud oauth 2 server with kubernetes api gateway ingress. I have used it with zuul to authenticate user before making a call. Can I do similar with ingress? Edit 1: To explain it more clearly, what I am trying to…
Chandresh Mishra
  • 1,081
  • 3
  • 24
  • 45
1
vote
3 answers

OAuth2 Authorization Code flow without sharing client secret

I have made a small demo on Authorization Code flow of OAuth2 using Spring Security Cloud with Angular 2 client. Everything is working fine, i am getting the access token response from server. However as per Aaron perecki's blog…
arun rajput
  • 51
  • 1
  • 6
1
vote
3 answers

Spring Cloud OAuth2Authentication returns NullPointerException

I'm slowly moving into understanding Spring Cloud Security. I've created an authorization service and it works when authorizing and returning a token, but doesn't return any current user details when using that token, when getting these from…
Deniss M.
  • 3,617
  • 17
  • 52
  • 100
1
vote
1 answer

Spring Cloud: Microservice authentication works through Eureka Discovery, but not through Zuul

I'm kind of new to Spring Cloud. I'm trying to build a few microservices by using Spring Cloud Eureka Discovery and Zuul Gateway. I can access the microservices and perform actions through Zuul Gateway, but only when there is no security involved.…
Deniss M.
  • 3,617
  • 17
  • 52
  • 100
1
vote
0 answers

Getting HTTP 401 with Spring Boot custom authorization server when accessing spring client

Hi everyone i am not able to proceed with following settings. your small pointers are appreciated. problem statement i am trying to use custom authorization server provided by spring cloud security and OAuth2 with my web application so that it can…
Ganesh Pol
  • 21
  • 2
1
2
3 4