I have a web based Java application made using Spring Framework. I have a spring security file that authenticates users. I need to enable SSO on my application using Azure Active Directory so that I can integrate it with myapps.microsoft.com. Can someone provide me any pointers or direction.
Thanks.
SSO with with protocol? SAML or OAUTH?
In any case you have to register your app in the Active Directory as SSO Application. In this configuration you also define the OAUTH or SAML Options.
https://learn.microsoft.com/en-us/azure/active-directory/active-directory-saas-custom-apps
Related
I'm trying to implement Authentication with Spring Security via Azure AD to my Spring Boot Application. The Azure AD Portal is not availible to me and managed by others.
How can I perform an easy Authentication using the Microsoft login of the company to verify that the user exists in the Azure? I just need to know in the application if the user was able to perform the login.
Thanks :)
i'm trying to implement Authentication with Spring Security via Azure
AD to my Spring Boot Application. The Azure AD Portal is not available
to me and managed by others
AFAIK, Without having Azure portal its not possible to use authentication with Azure AD for your application. It requires app registration details such as client id, Tenant Id, redirect uri etc.
We can not able to do such operation if are not having account on Azure . And Azure Active directory has a high level security so that you can not get to know whether this user is from Azure.
For more information please refer the below links:-
Dev Azure Blog|Using Spring Security with Azure Active Directory
MICROSOFT DOCUMENT| Secure a Java web app using the Spring Boot Starter for Azure Active Directory
What is the best way to implement SSL in Spring Boot & Angular application (frontend with backend)?
Should I configure SSL in both applications separately?
Or should I configure SSL in Nginx web server and not taking care about securing applications?
Should I configure SSL in both applications separately?
If you've built out a microservice architecture and both your spring boot application and your Angular application are served off different domains, then yes you should configure SSL on both applications.
Or should I configure SSL in Nginx web server and not taking care about securing applications?
If you are using NGINX to serve your Angular application, then yes you should setup SSL on it.
I'll add that SSL is not the only step required to secure an application. Many applications will require some user management with role based permissions and control access to screens in your app or REST APIs based on user permissions.
image of the website I am intended to set up a SAML SSO with my web app. I am currenty having a web app that has its own two step verification process for validating the users. I need to configure this web app as my Identity provider and use the website https://velpic.com as my Service provider. This website supports SSO and for accessing this website the user has to be first authenticated in the web app and should maintain a SSO in the website. I already have my java webapp running in tomcat 9.0 and now need to implement this. Can any one help me with getting started?. And i dont want to user any external Idp providers.
I am trying SSO between my application and zendesk. I am using openam for this purpose. Suppose app is deployed as app.myapp.com. And I want to have SSO feature with zendesk, whose URL could be something like accountname.zendesk.com. How do I setup openam configurations?
Whatever I have read in documentation is that, there should be a server with openam installed on it. And this will serve as Hosted Identity Provider. Now zendesk is going to be a service provider. This will be remote service provider. So how do I set this up? Should there be another instance of openam acting as remote service provider?
I tried configuring openam for 2 days, but openam documents are too abstract and I couldn't get it to work. Then I tried SSO using JWT i.e. JSON Web Token. Now Single sign on between my application and Zendesk is working fine.
We have over a dozen legacy web applications (each with their own app contexts) that use Tomcat's container managed security for simple form-based authentication. We currently use Tomcat's single sign on valve to allow authenticated users to jump between web apps without the need of re-authenticating. We are also developing new web applications using the Spring Security framework.
Is it possible to get users who are authenticated via the new Spring Security apps to also be able to jump to the older legacy (non-Spring) apps without the need of re-authenticating? Is their a way to bridge Spring Security with the Tomcat SSO valve?
I prefer to avoid making any changes to the legacy web apps, but understand if it doesn't seem possible.
You will be able to do it using J2eePreAuthenticatedProcessingFilter:
http://static.springsource.org/spring-security/site/docs/3.2.x/reference/htmlsingle/#d4e2766
Please note:
When Tomcat SSO is configured it provides Java EE authentication for a web application.
It means that for an application is transparent if it was authenticated by form authentication or for Tomcat SSO. Finally it is Java EE authentication.
So, you need to use J2eePreAuthenticatedProcessingFilter to be able to use Java EE authentication provided by Tomcat.