79290

Spring Security OAuth 2 with form login

Question:

I'm trying to configure my Spring boot application to use a form login, and to verify the credentials using an OAuth 2 authorization server (sending the credentials from the form login to the user authorization URL.

However, when I'm using the following SecurityConfig and I go to a resource, rather than using a form login it redirects to the authorization server, asking for my credentials (using basic authentication) and then redirects back to the application itself.

I'm using the following SecurityConfig:

@Configuration @EnableOAuth2Sso public class SecurityConfig extends OAuth2SsoConfigurerAdapter { @Override public void configure(HttpSecurity http) throws Exception { http .logout() .and() .antMatcher("/**") .authorizeRequests() .anyRequest().authenticated() .and() .csrf() .csrfTokenRepository(csrfTokenRepository()).and() .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class) .formLogin(); } // CSRF repository + filter }

I am providing the formLogin() to the configure() method, but this doesn't seem to work.

The following configuration is in my application.yml file:

spring: oauth2: client: clientId: test clientSecret: secret accessTokenUri: http://localhost:8081/uaa/oauth/token userAuthorizationUri: http://localhost:8081/uaa/oauth/authorize clientAuthenticationScheme: header resource: userInfoUri: http://localhost:8081/uaa/user

This configuration does work, because after the redirect I am getting authorized, but it's not in the way I would like it to work (with a form login in stead of a redirect to the OAuth2 Authorization server).

Answer1:

With SSO the whole point is that the user authenticates with the auth server (localhost:8081 in your case). If you want a form login, that's where you need to implement it, not in the client app.

Recommend

  • Getting last row's data in the map
  • how to build protocol buffer for iOS7?
  • Can I get entire i18n labels of specific dictionary
  • Exception in thread “main” java.awt.AWTError: Assistive Technology not found: com.sun.java.accessibi
  • Share objects in nodejs between different instances
  • Get All IP and Mac Address in lan
  • locationManager avoid (null) string in a Label
  • Keep play application running after putty terminal closed
  • Appending spaces with str_pad
  • Intersection of characters in two strings
  • how to change the black color to Red with opencv python
  • Why processBuilder in java hangs after 5 mins?
  • List using with references, changes behavior when used as a member
  • Preparing an Oracle Connection after being retrieved from a ConnectionPool
  • How to debug iBeacons and Passbook
  • Populating a database table with returned JSON
  • Scheme procedure to compute the nth repeated application of a function?
  • C++11: Why rvalue reference parameter implicitly converted to lvalue
  • Arraylist of strings into one comma separated string
  • Spotify cocoalibspotify offline status set to 1 but all tracks stuck at waiting
  • How do I use libcurl to printf a remote FTP directory listing?
  • Multiplying polynomials/simplifying like terms
  • Annotate objects in a queryset with next and previous object ids
  • How to split wav file into two or more parts using c#
  • Floating parent div grows to hypothetical width of floating child div
  • Content-Type alternative in MQTT
  • Will this work on all screen sizes?
  • Send array to next viewcontroller iOs xcode [duplicate]
  • How to encrypt Connectionstring written in web.config from codebehind?
  • Codeigniniter insert data through models and controller
  • VLOOKUP in IMPORTRANGE
  • Call Microservice from another Microservice within Docker
  • Sign a Pdf using custom digital signature in Java
  • PHP Permalinks.. how to change?
  • Spring Boot not autowiring @Repository
  • What does the “id” field in an Android “Google Play Music” broadcast intent correspond to?
  • ARKit code issue {unknown error -1=ffffffffffffffff error: Task failed with exit 1}