I need to add oauth security to spring mvc project.
The project have basic security that implement org.springframework.web.filter.DelegatingFilterProxy
with CustomAuthenticationProvider and i need to replace it with oauth2 .
is there a simple way to do it ?
Thanks.
We have done the same in one of our applications using Spring 4 and Java 8. The application is open source and you can read about the security layer here https://techdev.io/en/developer-blog/using-spring-and-oauth-in-trackr
Related
What I am trying to achieve:
I currently have mobile apps on top of services and would like to add a web site on top of the same services.
Services details:
ASP.NET Web API project using OAuth (bearer token) and Identity for authentication and authorisation.
Microsoft.AspNet.WebApi 5.2.3
Microsoft.Owin.Security.OAuth 3.0.1
Microsoft.AspNet.Identity.Core 2.2.1
Mobile details:
Xamarin projects.
Xamarin.Forms 2.3.3.193
What architecture should I use for the web site?
Create a new ASP.NET MVC project and call my current services from the MVC controllers? This seems bad because:
I would have 2 layers of controllers (web site MVC controllers calling services API controllers)
I would need to store bearer tokens in cookies
I would need to manage the tokens and cookies expirations
Create a new ASP.NET MVC project and call current services database directly? This seems bad because:
I would have to duplicate the models in the services project and in the web site project
Create a new ASP.NET project and call my current services using ajax? This seems bad because:
I would need to create my own register/login pages
I would need to store bearer tokens in cookies
I would need to manage the tokens and cookies expirations
I would need to say bye to future social authentication (OAUTH2) implementation because I wouldn’t be using OWIN
Thanks,
fcorbeil
If you already have the API a brand new MVC app shouldn't be such a bad choice. If you have your models stored in a different project just reference them to the MVC one. As for the services, them would work perfectly with the new application. This all can be achieved without changing almost nothing to the current implementation.
I am working on a project and using a similar architecture.
I decided to create an Angular project for the website front end and all it does is talk to the Web API. Angular handles the JWT authentication really well. If you've never worked with Angular before, it is really nice to work with.
However, a vanilla ASP.NET MVC web app would work just as well.
It depends on how comfortable you are with Angular, or how willing you are are to learning it! :)
I have an application which is completely written in Java with Spring framework. Right now I need to integrate this application with some other application that is written on WordPress. I need to seamlessly support the same user database for both of these application. I understand that I need some kind of Single-Sign On(SSO) that is supported of Spring(can be used with Spring Security) and WordPress.
Right now Spring application manages users via own Spring OAuth2 Authorization server. Is it possible to use this server in a separate WordPress application ?
Could you please recommend some SSO solution for this case ?
UPDATED
Maybe it is possible to use CAS Jasig for this purpose ? Do we have support of Jasig for WP and Spring ?
If so I have an additional question about Jasig CAS architecture - where users for WP and Spring MVC applications must be stored ? I mean it is a single store(for example the same mysql database) or it can(must) be a different stores for each application ?
We have a classic ASP.NET web application and a SOAP based API built on it. We are planning to implement oAuth2 authorization into it to implement a service provider that can create tokens, persist them and do evaluation.
I found few examples using DotNetOpenAuth , Azure access control service but all of them are based on MVC. Any pointers on how we can implement on oAuth2 on classic ASP.NET web API?
There are quite a few examples of using DotNetOpenAuth with asp.net applications. For instance:
http://www.nuget.org/packages/DotNetOpenAuth.AspNet
http://blogs.msdn.com/b/webdev/archive/2012/09/12/integrate-openauth-openid-with-your-existing-asp-net-application-using-universal-providers.aspx
Edit
So unfortunately I don't know a direct example with asp.net.
The OAuth1 sample might help in giving the basic idea of how to integrate DotNetOpenAuth as a service provider into an ASP.NET application -
https://github.com/DotNetOpenAuth/DotNetOpenAuth/tree/master/samples/OAuthServiceProvider
And I think that using that as a base, and combining with working with the OAuth2.AuthorizationServer (as the oauth2 samples show, like https://github.com/DotNetOpenAuth/DotNetOpenAuth/tree/master/samples/OAuth2ProtectedWebApi), is a good reference point.
How to integrate ModeShape JCR with Spring MVC security credentials?
Where does ModeShape store user data?
As described in the documentation, ModeShape has a pluggable authentication and authorization system. ModeShape has built-in support for JAAS and Servlet security, but it does not have support for Spring MVC out of the box. Adding custom implementations is pretty straightforward.
I have web app which is already developed based on Spring MVC. I need to re-implement that web app in Mule.
Can I develop the mule application based on Spring MVC?
Can I declare the Spring MVC dispatcher servlet inside a mule's servlet endpoint and take things further from there?
The web app has web.xml where it defines the DispatcherServlet, the contextparams, the listener classes and so on. How can we remodel that in a mule application?
Any examples where a mule application is developed based on SpringMVC would be great.
Thanks to its embedded Jetty container, you can deploy any JavaEE web application in Mule. So there's no need to remodel anything.
The "Boosktore" example application demonstrates running web-apps within Mule: https://github.com/mulesoft/mule/tree/mule-3.x/examples/bookstore
Mule ESB is not an MVC Framework. It is developed using enterprise integration patterns in mind.
Please go through this blog, to know when to use ESB.
spring mvc can be integrated with mule.
Define all your spring related configuration in separate xml file and include it in mule configuration file.
You can write your custom transformers ,in the custom transformations you can inject or do an autowire of your service classes and from service object you can interact with dao layers.