Questions tagged [spring-security-oauth2]

Spring Security's deprecated implementation of the OAuth2 spec. For OAuth2 with Spring Security 5, use the Spring Security tag. We don't get many questions on OAuth 1(a), but feel free to tag them here.

Spring Security's deprecated implementation of the OAuth2 spec. The GitHub Project and the Spring Framework Website provide support for using Spring Security 4 with OAuth (1a) and OAuth2. It provides features for implementing both consumers and providers of these protocols using standard Spring and Spring Security programming models and configuration idioms.

3166 questions
1
vote
0 answers

Spring Cloud Gateway - Setup own RemoteTokenService

I used to use a Zuul gateway for my microservice environment. I have set up my own OAUTH2 service, which is using the Spring Security OAUTH2 library for its configuration. In Zuul I had found a 'trick' to use a remote token service, which pointed…
1
vote
4 answers

How to configure TestRestTemplate to use a Keystore?

My project has a series of integration tests that use TestRestTemplate and MockMvc. These had been passing successfully. I have now added Spring Boot Starter Security and Spring Security OAuth2 Autoconfigure dependencies to my project. I have…
1
vote
1 answer

Spring OAuth2 Single Sign On redirects to wrong url

I'm developing a Single Sign On server using Spring OAuth2. My demo app includes 1 sso-server and 2 client apps (both clients either Spring apps with @EnableOAuth2Sso or Angular 5 apps). It works with the basic case: An unauthenticated user opens…
1
vote
3 answers

Spring OAuth2.0: Getting User Roles based on ClientId (Authorization Code Grant Type)

I have a setup of Spring Boot OAuth for AuthServer and it is responsible for serving a number of few resource server for authentication using spring-security-jwt. My problem is while authenticating I need to load the roles of a user but specific to…
Abid Ali
1
vote
1 answer

How to integrate Spring Boot with Spotify OAuth 2 authentication

I'm new at Spring Boot and Spring Security. So I started with some tutorials. Now I want to integrate OAuth authentication with Spotify in my sample application. I've oriented myself on the Spring Boot OAuth 2 tutorial from spring.io. There will be…
1
vote
2 answers

How to tune authenticationEntryPoint behaviour Spring Security

I have Spring Boot 2 based Security Gateway performing OAuth2 authentication sitting before GUI app and back-end. It is configured like @Configuration @EnableOAuth2Client @EnableWebSecurity public class SecurityGatewayConfig extends…
Fedor
1
vote
0 answers

How can I do authorities access control in Spring Security OAuth2?

I'm trying to use Spring Security OAuth2 to do authority access control with annotations like @PreAuthorize("hasAuthority('perm2')") or with security config in WebSecurityConfigurerAdapter. But I always get 403 forbidden when I try to access an API…
Doug Tea
1
vote
1 answer

Facebook Spring OAuth2User does not contain email

I'm trying to implement the signup phase with Facebook of my Spring webapp using Spring OAuth2. I'm following this guide https://www.callicoder.com/spring-boot-security-oauth2-social-login-part-2/ but something in my code does not work as expected.…
1
vote
1 answer

Spring Security OAuth2 and LDAP authentication to the same resource

I have a Spring Boot 2 REST application, and I want to configure Spring Security to support Google Sign-In OR LDAP authentication to the same resources (/employees for example). I've already done authentication through httpBasic (which connects to the…
1
vote
2 answers

How can we implement authorization server using the latest spring-security-oauth2 jars with Spring 5.0?

I am using spring-security-oauth2 jars from below location with Spring security 5.0: http://repo.spring.io/release/org/springframework/security/ The jars available there are: spring-security-oauth2-core, spring-security-oauth2-client,…
1
vote
1 answer

How to use OAuth2RestTemplate having only tokenValue?

The application starts when another application calls the starting endpoint with the access token as a parameter. The access token is a type of string. Then I have to call a few other endpoints where the authentication is based on that token. Is it…
tomasz-mer
1
vote
0 answers

configuring method level authentication with spring-security and oauth2

I need to configure preAuthorize with method level scope check using oauth2. I have added all the configurations as shown below. It always redirects me to the user name, password console. In my case I just want to validate the scope of given access…
1
vote
1 answer

Should OAuth2 resource servers use Basic or Bearer token auth when communicating with the authorization server?

Given separate spring-security-oauth2 authorization and resource servers: I expected the authorization server's /oauth/check_token endpoint to accept a Bearer token from a resource server in the Authorization header but it only accepts Basic auth.…
geg
1
vote
3 answers

OAuth2 Client Principal do not have GrantedAuthorities when authenticated by Other Custom Authorization Server (SpringBoot2 & OAuth2)

I'm using Spring Boot2 as Framework and Thymeleaf as template engine. In my authorization server, I added user 'admin' as 'ROLE_ADMIN'. But in Client Application, when I logged in as 'admin' and print Authentication Object from…
1
vote
1 answer

Spring Security OAuth2 - Find refresh token by username

Let's say we have an admin that wants to invalidate all user tokens (effectively logging the user out everywhere), but without blocking his account. The user should still be able to log in normally. Example: clientIds.forEach(clientId -> { …
Sikor