HI I am implementing oauth2 using spring security. This application will be deployed in a multi-node clustered environment. How spring will synchronize authorization code between multiple nodes? It can be achieved via jdbcAuthorizationCodeServices but I can't use relational DB. Requirement is to use NoSql DB. Is there a way to add custom plug-in custom authorization code generator which will be used by spring to create and consume auth code (Code example will be really helpful)?
Thanks
Related
Based on the SCDF document, as of Spring Cloud Data Flow 2.0, OAuth2 is the only mechanism for providing authentication and authorization.
However, I want to create the simple login page without using Authentication provider. Could I apply Spring Boot Security following this link to Spring Cloud Data Flow project?
I have also tried the example using UAA and LDAP server here. But I am looking for the more simple way for authorization.
I have a spring boot microservices application, some services include spark (embedded). Actually, I secured all the application and I need to secure the access to Spark Web UI. I checked the spark doc and other resources and they say that I should implement a Filter but I don't know if this is the right way and for my case.
The main objective is to limit access to the ui interface. I already added authentication using Kerberos, ldap and jwt so i would like to use same process with spark and make access using ldap.
Any other suggestion are welcome.
Thank you in advance.
We are currently trying to integrate Spring Security into our application.
Our application used to store data in native XMLs. We are in the process of integrating with MySQL.
However, certain sites are still having lots of data in XML and we want to provide backward compatibility.
So does spring security provide authentication mechanism for XML based database just like it does for SQL and LDAP?
Is there a way around this problem?
While doing some practice examples to learn spring security, I come up with some following use case. But I did not find best possible approach using spring security. Could some one please help me on this
I have angularJs application, Spring boot application running on different servers . In redis cache I have user info(role, and some other info) with gsid as key. In each rest call I am passing gsid as cookie. Now I want to validate each request in the Spring security Filter by fetching user info from the redis cache before sending to #Restcontroller.
what could be best approach to authenticate and authorize the request using spring boot security.
Use spring-session with redis, it also provides integration with spring-security.
I am new to Spring Security and am mulling over the idea of using it or not in my application.
The requirement is as follows :
In my web application i store a session information inside the database,a key for this is stored in a cookie
2.Now whenever someone tries to access a url which is not according to the flow i want to deny access.
3.Can i use Spring Security for this.
I am using Spring MVC,Mongo DB and MySQL as the develeoment environment.
Regards,
Abhishek
If you're trying to simply control the flow of an application, I'd suggest using Spring Webflow. This allows you to define set flows in a multi-page application.
Spring Security can be used to control flows, but only for access control. It integrates well with Webflow (and with Spring MVC) to ensure you can secure some or all of your flows.