I'm trying to run the servlet/spring-boot/java/saml2/login-single-tenant example from https://github.com/spring-projects/spring-security-samples.git using Keycloak.
I started a local docker Keycloak container in which I created a new realm with the saml identity provider.
When I run the example it connects to keycloak to fetch the /saml/descriptor, which is returned correctly. But then it throws an AccessDeniedException.
I don't know what I'm doing wrong, I don't even know what I should be doing right. Can anybody help me please?
The ultimate goal would be to have a pure machine to machine connection, without login page, protected by SAML.
Ps.: I know about OIDC, but I'm working on a java client that connects to a SOAP webservice that requires a SAML security token.
Related
I am beginner in Java Spring and I am trying to understand and setup application for school. (semestral work)
I have simple App what have JPA, DAO, Services and REST API implementation.
I need to secure this API by school OAuth2 server.
All resources on internet showing how to make own app what include Resouce server + Auth Server. To be used by client app. I already have external Auth server.
I am building Backend (REST) only, so I will be testing my app by Postman. I need to access for example my.app/login from browser, authorize on OAuth, then recieve JWT, what I can then use in Postman on requests for example to fetch user my.app/users/3 from my database.
How I can achieve this?
We are using web service datasource to interact with REST data in Jasper Reports.
That Web Service data source has 2 methods of authentication:
Basic
Google Authentication key
So we cannot query it with our actual security implementation.
Security description:
We are using keycloak and Open ID Connect protocol for protecting the endpoints.
Therefore, if we would like to query http://<host>:<port>/endpoint we need to have signed JSON Web Tokenon the client (jasper server) side to access it.
Did somebody already had this issue?
Is it possible to solve it without modification in Web Service plugin source code?
Used JasperReports Server version: 6.4.2
I am working on an application architecture which will have independent UI Layer(HTML5 and Angular2) and Service Layer(Spring Boot Project) . Both will be hosted on independent servers. The UI layer will fetch data from DB using REST Calls. I Have few queries.
1. I am building my UI with Angular2 which basically runs on node.js. How can i integrate spring security using ldap.
2. How can i make REST Calls to my service which is hosted on a different server.
3. How do i solve the issue of authentication/authorization with REST Service using Spring security.
Looking forward to your responses.
Thanks,
Avinash
How can i integrate spring security using ldap.
Use Spring Security LDAP module to wire up the security services of your backend. Secure the URIs and that is all that you require.
Spring LDAP Guide
Spring LDAP Reference
How can i make REST Calls to my service which is hosted on a different server.
I presume that you will have the backend on a server and there is connectivity between your nodejs server and the backend server. Use the hostname and port if you want things to be simple. Please allow CORS on your backend server either programmatically, or by using a proxy server such as nginx.
How do i solve the issue of authentication/authorization with REST Service using Spring security.
Spring security will enable end points for Authentication and Authorization. Your angular application must need to check for the authentication at the start of every request ideally, and when there is a (401) Authentication Failure, redirect to a login controller. Keep the default route to the angular application to the login controller too.
I have been asked to create an oauth2 server to access multiple webapps of our company. And I am following this github project.
I dont have nay idea about creating Oauth2 server.And stuck while Getting Access token via authorization code (followed given process in link).
When you speak about an OAuth2 server you mean the interface between user storage (f.e. LDAP) and the web aplications?
The easiest way to have an OAuth2 server would be to install WSO2 IS and configure your LDAP as a secondary user store.
I have not coded the server side of OAuth2 but Apache OLTU is a project that has been very helpfull for me. It includes libraries for the server part.
Spring Security OAuth2 provides some sample code, one of which is an Auth Server.
http://projects.spring.io/spring-security-oauth/docs/oauth2.html
By default, it supports a single user. But it could be modified to be a more fully-featured Auth Server. But it does show how to use Spring Security inside the Auth Server as well as implement the OAuth server endpoints and return JWT
I have A SSO environment configured through CAS. When I log into one application and try to access the other application login it will successfully authenticate without credentials. Or, if I make a rest call to the other application when logged in through any of the SSO configured application , I am getting the result while using an application like POSTMAN. But the problem is when I am making a REST call from java back end. Instead of generating a token CAS is redirecting me to the login page... Please, let me know how to proceed.
For web application to backend communication, I will recommend using the proxy mechanism: https://wiki.jasig.org/display/CAS/Proxy+CAS+Walkthrough
The way to configure everything properly depends on the CAS client you use.