We are using web service datasource to interact with REST data in Jasper Reports.
That Web Service data source has 2 methods of authentication:
Basic
Google Authentication key
So we cannot query it with our actual security implementation.
Security description:
We are using keycloak and Open ID Connect protocol for protecting the endpoints.
Therefore, if we would like to query http://<host>:<port>/endpoint we need to have signed JSON Web Tokenon the client (jasper server) side to access it.
Did somebody already had this issue?
Is it possible to solve it without modification in Web Service plugin source code?
Used JasperReports Server version: 6.4.2
Related
I'm trying to run the servlet/spring-boot/java/saml2/login-single-tenant example from https://github.com/spring-projects/spring-security-samples.git using Keycloak.
I started a local docker Keycloak container in which I created a new realm with the saml identity provider.
When I run the example it connects to keycloak to fetch the /saml/descriptor, which is returned correctly. But then it throws an AccessDeniedException.
I don't know what I'm doing wrong, I don't even know what I should be doing right. Can anybody help me please?
The ultimate goal would be to have a pure machine to machine connection, without login page, protected by SAML.
Ps.: I know about OIDC, but I'm working on a java client that connects to a SOAP webservice that requires a SAML security token.
Using the webapp, which uses corda-webserver, how to implement authentication mechanism for RPC Users?
RPC Users mentioned in the configuration file.
And perform role based actions(Only accessible flows).
I could only find detail about authenticating RPC Users through ClientRPCOps, but couldn't find anything about web based authentication.
Web authentication is not directly related to Corda. Connecting to a node via rpc requires authentication. Anything past that is not Corda's problem.
If you want to setup web authentication, then you should look into how frameworks like Spring or Ktor handle these scenarios. Corda is not web based by default and requires integration into a "web server" application to be web-enabled.
I am beginner in Java Spring and I am trying to understand and setup application for school. (semestral work)
I have simple App what have JPA, DAO, Services and REST API implementation.
I need to secure this API by school OAuth2 server.
All resources on internet showing how to make own app what include Resouce server + Auth Server. To be used by client app. I already have external Auth server.
I am building Backend (REST) only, so I will be testing my app by Postman. I need to access for example my.app/login from browser, authorize on OAuth, then recieve JWT, what I can then use in Postman on requests for example to fetch user my.app/users/3 from my database.
How I can achieve this?
I have been asked to create an oauth2 server to access multiple webapps of our company. And I am following this github project.
I dont have nay idea about creating Oauth2 server.And stuck while Getting Access token via authorization code (followed given process in link).
When you speak about an OAuth2 server you mean the interface between user storage (f.e. LDAP) and the web aplications?
The easiest way to have an OAuth2 server would be to install WSO2 IS and configure your LDAP as a secondary user store.
I have not coded the server side of OAuth2 but Apache OLTU is a project that has been very helpfull for me. It includes libraries for the server part.
Spring Security OAuth2 provides some sample code, one of which is an Auth Server.
http://projects.spring.io/spring-security-oauth/docs/oauth2.html
By default, it supports a single user. But it could be modified to be a more fully-featured Auth Server. But it does show how to use Spring Security inside the Auth Server as well as implement the OAuth server endpoints and return JWT
I want to create a java client (on eclipse) to connect to WSO2 Identity Server 5.1.0 using the API to autenticate, create, save and manage users.
So my idea to configurate the identity server as ldap and to test it with an example of client in java that can authenticate and manage users with API...
I tried to use the example in https://docs.wso2.com/display/IS510/Managing+Users+and+Roles+with+APIs, but i think that the new version of server do not support this example.
apparently you are mixing several things (and the WSO2 documentation is misleading in that point too):
I want to create a java client (on eclipse) to connect to WSO2 Identity Server 5.1.0 using the API to autenticate, create, save and manage users
The web page you refer provides 2 ways to call the admin services:
admin web services - you may create or generate a web service client and use the web service to connect to the WSO2 IS remotely. How to get the WSDL files is described in this post. That should work with all (even older) versions of the WSO2 IS. I would suggest to use this approach.
The code snippet you have provided should works (I haven't try it myself though). I use the default admin web services.
If you are unable to create a client or connect, you should provide more details where / with what you have the problem.
So my idea to configurate the identity server as ldap...
WS2 Identity Server is not an LDAP server. It may have an LDAP configured as a user store (it has an embedded OpenLDAP instance by default). But you can use the web services or the OAuth2 endpoint to authenticate users against configured user stores.