OAUTH2 server with spring and jwt - java

I have been asked to create an OAuth2 server to access multiple webapps of our company, and I am following this GitHub project.
I don't have any idea about creating an OAuth2 server, and I am stuck while getting an access token via authorization code (I followed the process given in the link).

When you speak about an OAuth2 server, do you mean the interface between user storage (e.g. LDAP) and the web applications?
The easiest way to have an OAuth2 server would be to install WSO2 IS and configure your LDAP as a secondary user store.
I have not coded the server side of OAuth2 but Apache OLTU is a project that has been very helpful for me. It includes libraries for the server part.

Spring Security OAuth2 provides some sample code, one of which is an Auth Server.
http://projects.spring.io/spring-security-oauth/docs/oauth2.html
By default, it supports a single user. But it could be modified to be a more fully-featured Auth Server. But it does show how to use Spring Security inside the Auth Server as well as implement the OAuth server endpoints and return JWT.
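An authorization server of the kind this answer describes, written against the legacy Spring Security OAuth2 library, as an added example that is not the project's sample code. The client id, redirect URI, keystore name, key alias and environment variable names are assumptions.

```java
import org.springframework.context.annotation.*;
import org.springframework.core.io.ClassPathResource;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.*;
import org.springframework.security.oauth2.config.annotation.web.configurers.*;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.*;

@Configuration
@EnableAuthorizationServer
public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {

    // RSA signing: web apps verify tokens with the public key, never the private one.
    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        KeyStoreKeyFactory keys = new KeyStoreKeyFactory(
                new ClassPathResource("jwt-signing.jks"),               // assumed keystore name
                System.getenv("JWT_KEYSTORE_PASSWORD").toCharArray());  // assumed env variable
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setKeyPair(keys.getKeyPair("jwt"));                   // assumed key alias
        return converter;
    }

    @Bean
    public TokenStore tokenStore() {
        return new JwtTokenStore(accessTokenConverter());
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
            .withClient("webapp-a")                                     // assumed client id
            .secret(System.getenv("WEBAPP_A_SECRET"))                   // assumed env variable
            .authorizedGrantTypes("authorization_code", "refresh_token")
            .scopes("read")
            .redirectUris("https://webapp-a.example.com/login")         // registered callback
            .accessTokenValiditySeconds(900);                           // short-lived JWTs
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints.tokenStore(tokenStore()).accessTokenConverter(accessTokenConverter());
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) {
        security.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
    }
}
```

The last method publishes the verification key at /oauth/token_key while keeping /oauth/check_token behind client authentication. User login in front of /oauth/authorize still needs an ordinary Spring Security web configuration, which is not shown.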

Related

Protecting a Spring Boot SOAP service with SAML2 using Keycloak

I'm trying to run the servlet/spring-boot/java/saml2/login-single-tenant example from https://github.com/spring-projects/spring-security-samples.git using Keycloak.
I started a local docker Keycloak container in which I created a new realm with the saml identity provider.
When I run the example it connects to keycloak to fetch the /saml/descriptor, which is returned correctly. But then it throws an AccessDeniedException.
I don't know what I'm doing wrong, I don't even know what I should be doing right. Can anybody help me please?
The ultimate goal would be to have a pure machine to machine connection, without login page, protected by SAML.
P.S.: I know about OIDC, but I'm working on a Java client that connects to a SOAP webservice that requires a SAML security token.

Java Spring OAuth2 - Resource server secured by external Auth server

I am a beginner in Java Spring and I am trying to understand and set up an application for school (semester work).
I have a simple app which has JPA, DAO, services and a REST API implementation.
I need to secure this API with the school's OAuth2 server.
All resources on the internet show how to make your own app which includes a Resource server + Auth server, to be used by a client app. I already have an external Auth server.
I am building the backend (REST) only, so I will be testing my app with Postman. I need to access, for example, my.app/login from a browser, authorize on OAuth, then receive a JWT, which I can then use in Postman on requests, for example to fetch user my.app/users/3 from my database.
How can I achieve this?

Spring security single sign on

I'm using Spring-Boot and annotation based Spring-Security and I would like to use another site as one of my authentication providers.
I searched on Google but did not find any proper example or related solution.
Let me know how I can implement single sign-on for 2 different applications.
Please guide.
Thank you.

You could use Jasig CAS to implement SSO and it is supported by Spring Security: https://docs.spring.io/spring-security/site/docs/3.0.x/reference/cas.html

You can use @EnableOAuth2Sso on your spring-boot application and set some properties: client id, client secret, token endpoint for your oauth2 server, etc.
This tutorial is for an angularJS client on spring-boot but the server side is similar: https://spring.io/blog/2015/02/03/sso-with-oauth2-angular-js-and-spring-security-part-v

SAML SSO with Zendesk and openam

I am trying SSO between my application and Zendesk. I am using OpenAM for this purpose. Suppose the app is deployed as app.myapp.com, and I want to have an SSO feature with Zendesk, whose URL could be something like accountname.zendesk.com. How do I set up the OpenAM configuration?
What I have read in the documentation is that there should be a server with OpenAM installed on it, and this will serve as the Hosted Identity Provider. Now Zendesk is going to be a service provider. This will be a remote service provider. So how do I set this up? Should there be another instance of OpenAM acting as the remote service provider?
I tried configuring OpenAM for 2 days, but the OpenAM documents are too abstract and I couldn't get it to work. Then I tried SSO using JWT, i.e. JSON Web Token. Now single sign-on between my application and Zendesk is working fine.

REST Authentication

I am looking for a Java based REST server which supports the following authentication mechanisms. Also, please let me know the best resources for REST based authentication.
Token
Certificate
Kerberos
OAuth
OpenID

I am an architect from WSO2... so my reply could be biased...
You can use the open source WSO2 Application Server to deploy your RESTful services and WSO2 Identity server has the support for 2-legged OAuth...
Thanks...

Partial answer for method 2) Certificate:
If you're planning on using certificates for authentication, I must assume that the API will be consumed by a limited number of trusted client applications. I've recently developed and deployed a REST API for internal use within an organization, and we use server-client certificates for authentication. This solution delivers a really high level of security, but is very impractical to use in an externally exposed API. This post gives some information: Java HTTPS client certificate authentication.
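One way to map client certificates to a fixed set of trusted client applications with Spring Security's X.509 support, as an added example that is not the answerer's code. The class name, the client CNs and the role name are assumptions.

```java
import java.util.Set;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

// Assumes the container already demands a client certificate during the TLS
// handshake (in Spring Boot: server.ssl.client-auth=need plus a trust store
// holding only the internal CA).
@EnableWebSecurity
public class ClientCertSecurityConfig extends WebSecurityConfigurerAdapter {

    // Constructed allowlist of client application CNs (assumed names).
    private static final Set<String> TRUSTED_CLIENTS = Set.of("billing-service", "reporting-service");

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().authenticated()
            .and().x509()
                .subjectPrincipalRegex("CN=(.*?)(?:,|$)")   // principal = certificate CN
                .userDetailsService(clientLookup())
            .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and().csrf().disable();                        // assumes service clients, not browsers
    }

    @Bean
    public UserDetailsService clientLookup() {
        return cn -> {
            // A certificate signed by the trusted CA is not enough: the CN must be allowlisted.
            if (!TRUSTED_CLIENTS.contains(cn)) {
                throw new UsernameNotFoundException("certificate CN not allowlisted: " + cn);
            }
            return new User(cn, "", AuthorityUtils.createAuthorityList("ROLE_API_CLIENT"));
        };
    }
}
```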
Any Java container should support these with either:
Apache / IIS as a reverse proxy deployed for SSO (Single Sign On)
Authentication plugins
