Stack Overflow
Stack Overflow

Questions tagged [spring-security-rest]

The Spring Security REST Grails plugin allows you to use Spring Security for a stateless, token-based, RESTful authentication.

213 questions
2
votes
1 answer

Spring Security Custom Filter gets called Multiple times

I have a Custom Spring Security filter which is getting called Multiple times and I am not able to figure out why. I searched it and tried adding FilterRegistrationBean as some post suggested but still my Secuirty filter gets called multiple times…
skool99
  • 780
  • 1
  • 16
  • 35
2
votes
3 answers

spring boot security authentication to verify body contents

I want to Authenticate one of the post request body key-value pair, but I want to do the same with the help of a Interceptor/Filter. How can I do that?
Pankaj Sharma
  • 21
  • 5
2
votes
1 answer

Spring Security /login - 404 not found

I'm facing problem with enabling user log-in page - 404 not found. This is tutorial that I'm using as base of my application security. That's how configure function looks like: @Override protected void configure(HttpSecurity http) throws Exception…
Nickname11
  • 501
  • 9
  • 23
2
votes
2 answers

Spring Security loadUserByUsername() method is not called and authentication is sucess for incorrect password

I am implementing HTTP Basic auth scheme for my REST services using custom DAO UserDetailsService. However this overridden method is not getting called and authentication succeeds even if i send incorrect password to the API (through POSTMAN). Any…
Rajesh Mel
  • 21
  • 1
  • 2
2
votes
0 answers

Create custom method to disable JWT Token in Spring Boot application

I have created Spring Boot application using Spring Security and JWT. I want to write a custom method to revoke a JWT Token, that was created and given to a user. Is there any way to solve this problem? Please share the solution
Balaji
  • 21
  • 3
2
votes
1 answer

Spring Boot security allow requests from given IP address

We have following security configure code, @Override protected void configure(HttpSecurity httpSecurity) throws Exception { httpSecurity.cors().and().csrf().disable().authorizeRequests().antMatchers("/api/**").anyRequest() …
Muralidhar
  • 113
  • 1
  • 12
2
votes
2 answers

How to Authorize micro-services internal communication?

I have multiple micro-services. which can be called by client through API gateway and also micro-services can communicate each other. Ideally request will come from API gateway from user which will have all permissions. here i am trying to assign…
Ashish Sharma
  • 847
  • 1
  • 12
  • 23
2
votes
1 answer

Does spring security JWT implementation deal with alg:none attack?

JWT implementations might be exposed to different attacks, one of them is the alg:none attack (see more details here). I'm using spring-security-jwt dependency in my pom.xml file, and was not able to find out whether this implementation deals with…
omer
  • 1,242
  • 4
  • 18
  • 45
2
votes
2 answers

Rest authentication with spring security and mongodb

I've implemented a Spring app with mongodb and now I've implemented Rest authentication with Spring security and Mongodb, and now I have to add the Authorization header, and it only shows the data from the api call if the Authorization is ok, from…
StuartDTO
  • 783
  • 7
  • 26
  • 72
2
votes
1 answer

Spring Security 5 + Google OpenID + Rest

I am trying to secure REST API using Google OpenID and Spring Security 5. Is there any example that I can refer to? I am using Spring Boot and want to learn how can I secure my Rest Api using Google OpenID.
Nirav
  • 602
  • 1
  • 10
  • 28
2
votes
1 answer

Spring Boot JWT token Object wise fetching

I am having division table with three row like divsionId name 1 divA 2 divB 3 divC and customertable like custId Name divisionId 1 cust01 1 2 cust02 1 3 cust03 2 4 cust04 1 5 …
Naveen
  • 45
  • 3
  • 10
2
votes
0 answers

com.nimbusds.jose.JOSEException: Unsupported JWS algorithm RS256, must be HS256, HS384 or HS512 while working with Auth0 tokens

We have an existing application that uses spring security rest as a security mechanism and we decided to switch to Auth0. I am trying to make grails spring security rest plugin work with Auth0 tokens. Based on the documentation, it seems that the…
Shurik Agulyansky
  • 2,607
  • 2
  • 34
  • 76
2
votes
1 answer

Spring Boot Oauth2 Validating Access Token for Resource Owner Password Credentials Grant

I'm writing a filter that would intercept an Restful API call , extract a Bearer token and make a call to an Authorization Server for validation. I couldn't find one in Spring Boot that does it out of the box, but I'm sure there is a cleaner way to…
JavaHead
  • 635
  • 1
  • 6
  • 21
2
votes
0 answers

How to create a REST authentication endpoint with Spring Security

Here is how simple REST authentication would work: client connects to REST login endpoint and sends name\password; server sends 200 OK and some token; client keeps the token; client adds the token to every next request to the REST APIs. However,…
Roy
  • 139
  • 3
  • 11
2
votes
1 answer

How do I handle a custom authentication exception in grails spring-security-rest plugin?

I am using Grails with the spring-security-rest plugin. How do I make sure all user authentication errors get logged? I am finding that security exceptions thrown within the plugin are not being logged using my current config. I want any user…
RMorrisey
  • 7,637
  • 9
  • 53
  • 71
1 2
3
14 15