I have Spring application with Spring Security version 3.2.5 and spring version 4.3.7.
I want to remove the old fashioned login page and integrate it with Azure AD B2C. For the B2C part, I have the B2C tenant and necessary policies in place. I tried finding something on this for Spring, but all the examples and samples I found were based on spring boot.
Is it feasible to achieve B2C authentication & authorization integration with Spring?
Unfortunately there is no proper document where we have entire information for Spring to integrate with Azure AD B2C.
This sample demonstrates a Java web application that is secured using Azure AD B2C. And this sample demonstrates a Java Servlet webapp that signs in users with Azure AD B2C. You could refer to them.
Related
I have a spring boot REST service which is protected with Azure AD, so I'm using the Spring Boot Starter for Azure AD.
I'm also using the springdoc-openapi library to generate the API documentation. For now I'm hand writing the yaml file to describe the documentation.
I'm looking for help with getting swagger to authenticate with Azure AD so that I can try out the endpoints in the backend.
Is there someway to do this by either editing the yaml file or with the springdoc-openapi library?
For getting swagger to authenticate with Azure AD you need to create registered two web application one is for webAPI and another is for your swagger.Then you shoukd require Delegated Permissions for your Swagger Web Site to ‘Access’ your WebAPI.As swagger is in-built configured in the .Net 5.0 template so that we don't need to take care of documenting our APIs in this latest .Net 5.0.
You can refer this Document here they have given in steps how to authenticate swagger with azuread.
You can also refer this document for how Setup Swagger to authenticate against Azure Active Directory is provided by devloper community of .net
I am working in spring mvc project where spring security-3.2 has implemented for login.I need to implement microsoft azure ad in existing spring project. I have register our web application in microsoft AD portal.I got applicationId, tenantId, SecretValue now. Could you please help me to implement AD in spring mvc application.
I have seen many examples for implementation of oauth2 in springboot.but there is no implementation sample for spring+jsp+oauth2.
Our organization uses Oracle sso saml for all application authenticarion. We are planning to move our on prem to azure paas as APIs behind API Management.
Is there any reference document to how to setup SAML based auth provider in API Management.
Thanks,
Mahesh B
Here are some documents for your reference.
You can use Azure AD as the auth provider. Protect an API by using OAuth 2.0 with Azure Active Directory and API Management.
Single sign-on to applications in Azure Active Directory.
Oracle Cloud Infrastructure as a basic SAML single sign-on application in Azure AD.
I have an app (A) exposing REST services secured with oauth2. (spring security oauth2/spring-web)
I want to create a second app (B) (spring-boot or normal spring), from where I can login then call the REST services from A.
How can I configure security in app B so I can use both social login (facebook, twitter, google) and call REST services from app A? Is there an example using spring security/oauth/social integration?
I've found some examples but none sais how to integrate them
Have you tries the Spring oAuth2 tutorial with FB and Google login? This also includes a local login. All code is available in git from the link in the right column of the tutorial.
I'd like to give users the option to login to a Spring Boot web application using their Google or Facebook account.
I checked The Spring Cloud Security documentation and also This GitHub issue to add such SSO functionality, but on both they only show how to configure one SSO server, so it's either Google or Facebook.
How can I add both options? on the web front-end I will add a button for each option so the users can choose which account to use, either Google or Facebook.
Or I am choosing the wrong package and should use something different altogether to achieve this?
Thanks!
You basically have to install a separate authentication filter for each provider. There's a tutorial here: https://spring.io/guides/tutorials/spring-boot-oauth2/.