Stack Overflow
Stack Overflow

Questions tagged [spring-security-oauth2]

Spring Security's deprecated implementation of the OAuth2 spec. For OAuth2 with Spring Security 5 use Spring Security tag. We don't get many questions on OAuth 1(a) but feel free to tag them here.

Spring Security's deprecated implementation of the OAuth2 spec. The GitHub Project and the Spring Framework Website provide support for using Spring Security 4 with OAuth (1a) and OAuth2. It provides features for implementing both consumers and providers of these protocols using standard Spring and Spring Security programming models and configuration idioms.

3166 questions
1
vote
1 answer

Access to XMLHttpRequest at '' () from origin '' has been blocked by CORS policy:No 'Access-Control-Allow-Origin' header is present

I am getting the below issue while logging out from openid connect. "Access to XMLHttpRequest at '' (redirected from '') from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on…
Saritha
  • 63
  • 1
  • 2
  • 6
1
vote
2 answers

Spring boot 2 + Oauth2 - Securing the Rest Calls in Microservices

Im working on a spring boot 2 micro services . now im planning to secure to my rest calls using the OAUTH2 . I found lot of articles reg that Spring 2 + OAUTH2 integration but does not match with my requirement , all of them use tables and secure…
PremKumarR
  • 461
  • 1
  • 6
  • 19
1
vote
0 answers

Omit extra parameters on the Redirect URI

I am implementing an Oauth2 auth server using Spring. After authentication I need to generate an JWToken with some extra information in it. I have an AuthorizationServerConfigurerAdapter configuration: @Configuration public class AuthServerConfig…
marcellorvalle
  • 1,631
  • 3
  • 17
  • 30
1
vote
0 answers

How to secure different Spring Boot rest APIs Using OAuth2

I want to secure different Spring boot rest APIs using OAuth2 authorization server. What is the best solution to achieve this?
Mushtaq hussain
  • 11
  • 2
1
vote
0 answers

How to edit the Principal's role and name information in a Spring WebFlux application running as OAuth2 Resource Server?

I'm developing an application where my back-end is a stateless resource server. Every request that it receives should contain an Authentication header with a JWT Bearer token - currently a Google id_token. I'm able to verify the token, but in order…
mrgiesel
  • 85
  • 1
  • 7
1
vote
0 answers

How to login different type of users using Spring-Boot 2.0 and OAuth2

I have different types of users that I want to authenticate with a single authorization server. Each one has a database table and will log in through a different client. I want to be able to know from which db table I have to look to authenticate…
Trymous
  • 39
  • 5
1
vote
1 answer

Is it ok to add access_token authorities to the OAuth2LoginAuthenticationToken?

I have a simple spring boot application with two services - ui and resource. I trying to configure oauth2+oidc authentication using uaa server. When I login in the ui service, spring security creates authentication result (in…
Kirill
  • 1,540
  • 4
  • 18
  • 41
1
vote
0 answers

How to adapt spring security to work with Ali Cloud's OAuth2 endpoint

I am trying to get spring-oauth2 to work with Ali Cloud's OAuth endpoint. I have the following in my application.yml. security: oauth2: client: registration: alicloud: clientId: foo clientSecret:…
user2374991
  • 21
  • 1
1
vote
0 answers

OAuth Error: Invalid client and Bad Bad client credentials

I am doing about spring security oauth2. But when i login it always notice: OAuth Error error="invalid_client", error_description="Bad client credentials". I followed many same questions on stack overflow but haven't fixed this. This is my…
Hãnh Nguyễn
  • 43
  • 6
1
vote
2 answers

Spring Security getprincipal() method returns string (Username) in place of class UserDetails

We are using Spring-boot 2.0.5 with JWT Token SecurityContextHolder.getContext().getAuthentication().getPrincipal() returning String (Username) in place of CustomUserDetails Object which is implemented UserDetails class in WAR file only. This…
user3315763
  • 11
  • 6
1
vote
0 answers

InsufficientAuthenticationException: Authentication is required to obtain an access token (anonymous not allowed) - while doing ROPC token request

It might sound a bit strange. But i have a situation where my app needs to make an ROPC token request with userdetails to be taken from properties. The call is triggered when there is a random incoming request, which is anonymous. But in the token…
Abbin Varghese
  • 2,422
  • 5
  • 28
  • 42
1
vote
2 answers

OAuth 2.0 on REST API with Third party provider

I`m new to OAuth 2.0 and am trying to develop a application using a third party OAuth provider with Authorization Code grant flow as ny Authorization Server and Spring Security. This provider gives me two endpoints /authorize and /token and those…
Matheus Silva
  • 13
  • 4
1
vote
0 answers

Spring security and oauth2 authentication problem

My problem is if I use org.springframework.security.authentication.ProviderManager for my autheticationManager in applicationContext-security.xml then I unable to authenticate with oauth2. If I switch back to authentication-manager…
sfeher
  • 51
  • 4
1
vote
0 answers

Oauth2 authentication in Angular 6 and spring boot are on different host

I've frontend application is written on Angular 6 and backend app(REST) is written Spring Boot. I need authorization through social network VK. What have I already done? Backend server interceprs all request, checks authenthication, if user didn't…
mvsavkin
  • 11
  • 2
1
vote
1 answer

Spring Security And Angular 6 HTTPS requests

my backend app in spring boot and secured with ssl. I used OAuth2 facebook login. Also the frontend app in Angular 7 and secured by ssl. My problem is sending requests Angular to my Spring boot App. All apps is https. P.S. All works if i add url to…
Ibrahim Rajabli
  • 33
  • 1
  • 8
1 2 3
99
100