Using API endpoints with security in #ImportResource annotation - spring-boot

I am working on a spring boot application and I am using #ImportResource annotation for importing resources. I am using an API endpoint within #ImportResource("http://localhost:port/resources"). This API endpoint has authentication enabled. How can I configure authentication in my spring boot app to connect to this endpoint in #ImportResource.
Please help
Thanks in advance

Related

oauth 2.0, JWT, Spring security, Micro services

I need some understanding on over all flow of spring security.
I have implemented oauth2 Authorization Server and a Resource server in the same Spring Boot App.Where i am able to generate JWT tokens. And sample Rest api in this app is secured and accessible only with token.
I have another spring boot app which should be secured? What should i do in this. Also i need to read the token in this service to know the role of user.
Please clarify me how to implement the step2.
You can create a module where your spring security config is implemented.
In this module is the class that is annotated with the #EnableWebSecurity annotation, where you define the open routes. I guess you already have a class like this for your sample rest API, mentioned in step 1.
Now every microseconds that has to be secured uses this module by importing it, eg as maven dependency. By this it's api is automatically secured via spring security.
Your auth service serves a jwk endpoint where every microservice can verify a token via public key.

Spring Boot & JAAS

I have an existing legacy SOAP webservice that runs on Tomcat and uses JAAS(Java authentication & authorization service) for user authentication. I would like to convert this to a SOAP service which runs on Spring boot. I also want to continue with the JAAS configuration for security. How can I integrate JAAS with Spring boot?
Any pointers are appreciated

How to Refresh Spring Boot Configuration Info with Using Spring Cloud Config

I would like to ask how to refresh spring boot configuration info with using spring cloud config. Would you please give me some advice? Many thanks.
If your spring boot application is a client of Spring Cloud Configuration Server and use itself as single point of truth in the application configuration let's say retrieve application.properties/yml from the config server, you can benefit of #RefreshScope. in this case if you do a post to the /refresh if you use spring boot 1.x or /actuator/refresh if you use spring boot 2.x all the bean that are have are annotated as #RefreshScope will be refreshed.

How to enable ZuulProxy in spring mvc

I am trying to implement Spring Cloud Netflix zuul proxy in my application. In internet, i am getting all option where it's implemented using spring boot. To enable zuul proxy, in spring boot, it's done -
#EnableZuulProxy
#SpringBootApplication
public class SpringCloudZuulExampleApplication {
But my application is spring mvc application and i have xml based configuration. Now I am not understanding how to do #EnableZuulProxy in my application-context.xml file.
Zuul proxy is used to route the traffic. More details about it can be found at - https://exampledriven.wordpress.com/2016/07/06/spring-cloud-zuul-example/
Thanks for the help.
Spring Cloud Netflix is fully dependent on Spring boot. So it can't be used without Spring Boot.
You can consider migrating your Spring MVC application to Spring Boot application. Or you may consider using Netflix Zuul that is not dependent on Spring Boot.

Secure Spring Apache CXF services with Spring Security Oauth2

I have a running Spring based Apache CXF web service. I want to use Spring Security Oauth2 to secure the existing service. I have done this for SpringREST service but i am not able to find any help for securing CXF with Spring security Oauth2. Can some one please help me.

Resources