Stack Overflow
Stack Overflow

Questions tagged [spring-security-oauth2]

Spring Security's deprecated implementation of the OAuth2 spec. For OAuth2 with Spring Security 5 use Spring Security tag. We don't get many questions on OAuth 1(a) but feel free to tag them here.

Spring Security's deprecated implementation of the OAuth2 spec. The GitHub Project and the Spring Framework Website provide support for using Spring Security 4 with OAuth (1a) and OAuth2. It provides features for implementing both consumers and providers of these protocols using standard Spring and Spring Security programming models and configuration idioms.

3166 questions
1
vote
1 answer

Spring security OAuth redirect endpoint not found

I have added Spring Security to an existing JEE application to add OAuth to the application. The security configuration is set to protect the REST API, and that part seems to work fine. When the UI requests a protected URL, the response contains a…
Luc Feys
  • 127
  • 1
  • 9
1
vote
1 answer

Not able to set cookie samesite=none for spring boot 1.5.22

I working on spring boot 1.5.22 and i'm facing an issue with the cookies samesite=none proporty.I'm not able to set the samesite attribute for cookies because of which the oauth authentication is not working on chrome but it is working on other…
bhanu prasad
  • 21
  • 2
1
vote
1 answer

cucumber test, jhipster and oauth: ClientRegistrationRepository bean not found

I have a problem with running Cucumber tests in a khipster project (I can reproduce it with jhipster as well) when I configure it to use oauth2. I create the project with the following configuration file (I call it mono.jdl): application { config…
user983447
  • 1,598
  • 4
  • 19
  • 36
1
vote
2 answers

Spring 5 Oauth2 - How to provide the check token URL in my Resource server?

I need some help.. I set up an AuthorizationServer using @EnableAuthorizationServer from Spring-security-oauth2 for grant type "client_credentials". Able to create, check tokens and everything good with…
ninja
  • 43
  • 8
1
vote
0 answers

CustomClientDetailsService runs 6 times on my AuthorizationServer

I have my authorization server working with the autoconfiguration of spring-oauth2 @EnableAuthorizationServer in which I have my own custom ClientDetailService service, I am doing very well but I have a problem, it turns out that said service runs 6…
Jimyx
  • 83
  • 7
1
vote
2 answers

Spring framework security bean "AuthenticationManager" not found

I am using OAuth2 with spring boot. I am new to Oauth. I am getting this Consider defining a bean of type 'org.springframework.security.authentication.AuthenticationManager' in your configuration exception while running my spring boot application. I…
Amit
  • 231
  • 1
  • 8
  • 19
1
vote
1 answer

Unable to fix a vulnerability on spring-security-oauth2-resource-server

I have a Spring project that show the following dependencies when I run mvn dependency:tree. +- org.springframework.boot:spring-boot-starter-oauth2-resource-server:jar:2.3.3.RELEASE:compile [INFO] | \-…
Mike K.
  • 543
  • 3
  • 14
  • 46
1
vote
0 answers

Unable to access resource getting 401 Unauthorized error when request with successfully received access_token in spring boot Oauth 2.0

I am using spring boot Oauth2 security with grant_type = authorization_code flow. I have successfully received response of code with oauth/authorize request and then passing this code in oauth/token request and also successfully received…
Chirag Shah
  • 353
  • 1
  • 13
1
vote
0 answers

Steam authentication with Spring Security?

Im currently trying to implement Steam Authentication for a Spring Webflux REST Api and I want to use JWT. My problem at the moment is to understand how the Steam OpenID login works. Normally I have to provide a client-id and a client-secret, but…
FinishedHim
  • 345
  • 1
  • 3
  • 9
1
vote
1 answer

Support for multiple grant_type with Spring security in the same application

Is it readily configurable in Spring Security for an application to make use of 2 different grant_type? Our Java BE app is to be used by 2 different kind of users via an Angular FE app. User type is defined as a request header: Employees: Must…
momo
  • 3,404
  • 6
  • 37
  • 66
1
vote
0 answers

Spring Security OAuth2, How to custom Authorization code & access token

I want to customize the auth code, access token value longer in my way. I do not use oauth authentication on Google, Facebook, and support ID password login through internal services through formlogin(). I've seen this(…
boss109
  • 11
  • 3
1
vote
0 answers

When generating JWTs in Spring Security, how can one make the payload of the access token different from the payload of the refresh token?

While we have a solution to this, we want to know if there is a better solution because ours is ugly and feels super wrong. So, does anyone know of a better solution using Spring Security? Problem We maintain an application that manages user…
John Stone
  • 187
  • 9
1
vote
1 answer

What is the recommended approach for logging Spring Security OAuth2 authentication failures?

I'm working on a Spring web application (not Spring Boot) that uses Spring Security 5.3.3, Spring Security OAuth 2.5.0, and configures it like this: http.authorizeRequests(). antMatchers(permitUrls). permitAll(). anyRequest(). …
ptkvsk
  • 2,096
  • 1
  • 25
  • 47
1
vote
0 answers

How to secure my spring web application using OAuth2.0(spring cloud)

I am creating one POC spring web application with OAuth2.I need to create an authorization server and a client cum resouce-server.I am done with the authorization server. Now I am trying to build a Thyme-leaf based web(MVC) application which is my…
Gopal
  • 39
  • 8
1
vote
1 answer

Initialising OAuth WebClient Bean in Spring MVC

I have a WebApp JSP project deployed on Weblogic 12 as a WAR. My gradle build includes mvc and webflux: implementation 'org.springframework.boot:spring-boot-starter-web:2.3.2.RELEASE' implementation…
APD
  • 1,459
  • 1
  • 13
  • 19
1 2 3
99 100