Stack Overflow
Stack Overflow

Questions tagged [spring-cloud-security]

Spring Cloud Security offers a set of primitives for building secure applications and services with minimum fuss. It is also extremely easy to use in a service platform like Cloud Foundry.

Building on Spring Boot and Spring Security OAuth2 we can quickly create systems that implement common patterns like single sign-on, token relay and token exchange.

46 questions
1
vote
1 answer

Spring Cloud Security - Allow requests without authentication

I have an application that allows users to sign up for an account. Our Authentication and User service is UAA, so I need to be able to communicate with its secure endpoints without a user actually being present. How do I set up Spring Cloud…
StylePotato
  • 167
  • 1
  • 13
1
vote
1 answer

service to service communication through Resttemplate with Spring cloud(Oauth 2)

Hi I am trying to call a spring boot service from a different service through Rest-template. i am using consul as service discovery now Service1-->rest-->Service2 I dont want this communication through Zuul service1 should be able to call service2…
Brijan Elwadhi
  • 420
  • 3
  • 6
  • 17
0
votes
0 answers

Is it enough to remove access token and refresh token from front end application or somehow need to remove also from authorization server?

I am trying to learn oauth2 implementation. I am confused here, will it be enough to delete access token and refresh token from front end application or I have to delete it or invalidate any session or something from authorization server also. I am…
Sumon Bappi
  • 1,937
  • 8
  • 38
  • 82
0
votes
1 answer

What api to use instead of TokenRelayGatewayFilterFactory for relaying tokens to microservice?

I am currently following an example to forward jwt tokens from a spring gateway service to a backend microservice. The api-gateway example uses org.springframework.cloud.security.oauth2.gateway.TokenRelayGatewayFilterFactory to relay token to…
Katlock
  • 1,200
  • 1
  • 17
  • 41
0
votes
0 answers

Spring Cloud Gateway error: 'tokenRelayGatewayFilterFactory' could not be registered

I'm learning from a Youtube tutorial (https://youtu.be/9b6OOGMpx5Y) to implement a microservices system having about 5 microservices with an API Gateway. The API Gateway is using the Spring Cloud Gateway library which I named "api-gateway-service".…
Hieu
  • 15
  • 7
0
votes
1 answer

Disable Spring Cloud security

I tried to disable Spring security in Spring Could using this configuration: @SpringBootApplication(scanBasePackages = { ...... }, exclude = SecurityAutoConfiguration.class) public class Application { public static void main(final…
Peter Penzov
  • 1,126
  • 134
  • 430
  • 808
0
votes
0 answers

How to get refresh token whole info in TokenEnhancer?

I want to put refresh token value in access token. I tried it like following: public class JwtTokenEnhancer implements TokenEnhancer { @Override public OAuth2AccessToken enhance( OAuth2AccessToken accessToken, OAuth2Authentication…
xia randy
  • 69
  • 1
  • 7
0
votes
1 answer

Spring starter security or spring cloud security How to secure an entire microservice architecture?

Currently in developer training, I am working on a personal project on spring. I started java 6 months ago, so there is a certain notion that I do not yet master. My trainer does not know spring at all, so he cannot help me. I am also French and…
Olivier4477
  • 11
  • 6
0
votes
1 answer

The OAuth2 authenticated feign client doesn't support be invoked in an asynchronous method?

I am developing a spring cloud project with Feign and OAuth2.In the project, there are some time-consuming operations and some requests will be sent when these operations is finished. In order to achieve a better user experience, these operations…
JerryYuan
  • 1
  • 1
0
votes
1 answer

TokenRelayGatewayFilterFactory protecting all URL's

I have a project https://github.com/ndrone/sample-gateway-oauth2login/tree/feature/allowAllToHealth That I am trying to allow specific URL's open to anyone that request it. In this case, it is the health endpoint of Actuator while protect all other…
ndrone
  • 3,524
  • 2
  • 23
  • 37
0
votes
0 answers

openID connect server with spring-cloud-securiy

we am trying to use open ID connect (OIDC) for authentication and authorization (AnA) for our micro-service architecture based on spring-cloud framework As a part of requirement we want to achieve following: Integrate (OIDC) with SSO Federation as…
Joey Trang
  • 1,105
  • 2
  • 23
  • 44
0
votes
1 answer

@EnableOAuth2Sso and csrf

I am trying to build a complete sample code for Gateway, UI , Resource . Every thing worked perfect except when i tried to do post . I noticed first that i have double csrf one from gateway and one from the UI . So my decision which i am not sure is…
Shahbour
  • 1,323
  • 1
  • 16
  • 42
0
votes
1 answer

How to connect angular 2 application with spring-oauth2 server?

I have an oauth-server secured with 'spring-cloud-oauth2' and 'spring-cloud-security' and the application is a spring-boot application. I am trying to get access_token from an angular 2 app, i.e. I want to login from angular 2 app. In my…
Monjur Morshed
  • 84
  • 3
  • 9
0
votes
1 answer

Calling refresh_token doesn't refresh resource ids in token

Flow is something like this: We have an oauth app registered with specific resource ids listed, so this app has access to those After some time there is a need to add another resource id, as we are extending features of our client app From time to…
hi_my_name_is
  • 4,894
  • 3
  • 34
  • 50
-1
votes
1 answer

How to secured many java web applications

I have three java web applications in one server and I want to connect on all applications with a single login. I want to use oauth with spring cloud security. someone can help me please!!!
Miaik
  • 1
  • 1
1 2
3
4