I am working on setting up Auth0 with my Spring Boot application. I've been following Auth0's guide (https://auth0.com/docs/quickstart/webapp/java-spring-boot/01-login), but am getting an error:
Login with OAuth 2.0
[invalid_request] no connections enabled for the client
https://[removed].auth0.com/
The Allowed Callback URL is set to: http://localhost:8081/login/oauth2/code/auth0
The spring-boot-starter-oauth2-client has been added
I have the following in my application.properties file:
spring.security.oauth2.client.registration.auth0.client-id=[removed]
spring.security.oauth2.client.registration.auth0.client-secret=[removed]
spring.security.oauth2.client.registration.auth0.scope[0]=email
spring.security.oauth2.client.provider.auth0.issuer-uri=https\://[removed].auth0.com/
The SecurityFilterChain and Controller are both direct copies from the guide. The index.html page has a link to:
<a th:href="#{/oauth2/authorization/auth0}">Log In</a>
I can't find anything on Auth0's website or any forum that to help determine where the error is coming from. Any ideas on where I can look?
Related
I tried to integrate Azure AD with a Spring Boot web application, I followed the example from the Azure's documentation but I encountered an error message: "[invalid_request] AADSTS9000411: The request is not properly formatted. The parameter 'scope' is duplicated...", as shown in the below screenshot.
I can't find any scope parameter to figure out why it says is duplicated.
I have in the application.properties file the following setup:
spring.cloud.azure.active-directory.enabled=true
#Specifies your Active Directory ID:
spring.cloud.azure.active-directory.credential.client-id=...
spring.cloud.azure.active-directory.profile.tenant-id=...
spring.cloud.azure.active-directory.credential.client-secret=...
Does anyone had the same issue?
I'm created java web application using spring boot starter for azure active directory step by step like is described in:https://learn.microsoft.com/en-us/azure/developer/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-active-directory
My application with my azure account work fine when i open localhost:8080 it redirects me to azure where I do the login and then I'm redirected back to my app.
Problem is when i try to configure this dummy app with azure AD account from my customer. Here also when i open my app host app redirects me to azure login and after login i got error like in screenshot
and here is my application.properties
azure.activedirectory.tenant-id=placeholder
azure.activedirectory.client-id=placeholder
azure.activedirectory.client-secret=placeholder
azure.activedirectory.object-id=placeholder
azure.activedirectory.user-group.allowed-groups=group1
azure.activedirectory.session-stateless=true
security.oauth2.authorization.token-key-access=permitAll()
spring.thymeleaf.prefix=classpath:/templates/
spring.thymeleaf.suffix=.html
application.baseurl.logout.redirect=https://mydomain:8081/
application.groups.for.displaying=
application.groups.for.filtering=
server.port=8081
server.ssl.enabled=true
server.ssl.trust-store=/apps/tomcat/conf/trusted.jks
server.ssl.trust-store-password=mykeys
server.ssl.key-store=/apps/tomcat/conf/.keystore
server.ssl.key-store-password=f213495a0be855c4ab190a1f84cc18cd
server.ssl.key-store-type=JKS
server.ssl.key-alias=key-dev-ui
server.ssl.key-password=f213495a0be855c4ab190a1f84cc18cd
my configuration:
#Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().and().csrf().disable().authorizeRequests().anyRequest().authenticated().and().oauth2Login().and().csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.and().oauth2Client();
}
Please check below points:
The issue may arise when the issuer value obtained from token is from different endpoint (v2) than expected.Please make sure to use latest version of spring boot api and check the same to be in dependencies.
You need to set the redirect URL as http://localhost:8080/login/oauth2/code/azure or http://localhost:8080/login/oauth2/code/ in the portal.You can configure other value according to your app in place of localhost:8080 .This redirect uri must be configured in your application properties.
Make sure to expose api and make sure the permissions are also configured and granted admin consent.
. Give default scope (make sure to add the scope in code)or directly give the scopes present in the app (check in app code) such as User.read ,file.read or offline_access and provide delegated permsissions in portal like below(if those are present in code ).
(or)
and grand admin consent
Also see springboot starter dev guide | ms docs and please check references below.
You may provide other configuration details by editing the question if above are not the cases to investigate further.
References:
spring-rest-azure-ad-oauth
using-spring-security-with-azure-active-directory-mga
I am creating endpoint that is dependent on another endpoint,i have created interface and did all of that stuff but when i requested https://example.com to give me info it did not responded and request timeout exception came up.the quarkus is not supporting https request i also have added certificates kindly let me know what i am doing wrong or what i need to do.
quarkus.http.ssl.certificate.file=META-INF/dev.crt
quarkus.http.ssl.certificate.key-file=META-INF/dev.com.key
com.package.xyz/mp-rest/url=https://example.com
You need to specify some properties in your application.properties file:
quarkus.http.ssl-port=8443
quarkus.http.insecure-requests=enabled
quarkus.http.ssl.certificate.key-store-file=keystore.jks
quarkus.http.ssl.certificate.key-store-password=password
Documentation source I used for this was the Quarkus cookbook available from RedHat: https://developers.redhat.com/books/quarkus-cookbook see section 3.8
Update: After set the loggin level to debug, this is what I got
I'm developing a springboot application with kerberos spegno authentication. But whenever user access the url protected by spring security it always return this 404 error
This is what I got from catalina.out
2020-05-15 22:45:59.122 ERROR 84750 --- [-nio-80-exec-10] o.s.b.w.servlet.support.ErrorPageFilter : Cannot forward to error page for request [/404] as the response has already been committed. As a result, the response may have the wrong status code. If your application is running on WebSphere Application Server you may be able to resolve this problem by setting com.ibm.ws.webcontainer.invokeFlushAfterService to false
You can see my entire project here, please point out my mistake and help me solve this problem
Thank you
We have a web based application with Front end in Angular JS 1 and REST service with Spring jersey frame work.We are using Spring 3.We have deployed our project in Tomcat 9.We have deployed angular js part as a separate project and REST service is build as a war file and deployed separately.
Suppose our application url is https://10.100.200.300:8443/DEMO.When we are trying to access the URL with a wrong value say https://10.100.200.300:8443/DEMO_TEST we are getting the error 404 i.e. resource not found by the tomcat server.We want to show some customized error page for 404 or any other tomcat error. Please suggest how to do it?
You can have a look here - Configure spring boot to redirect 404 to a single page app
Make spring configuration as mentioned in above answer and reroute it to your desired page.