SpringBoot + Web API Bearer Token Security against Azure



I am new to Spring Boot, so please bear with me. We have a Spring Boot web app which exposes multiple endpoints (/order, /modes). These APIs will be called from different web services (sitting in Azure), and they will each pass an Authorization Bearer token (individual Azure App Client ID) in the call for authentication to our app.

So we want to secure our app to accept this token and allow calls only if the token is valid.

I was able to secure the Spring Boot app for user login, but not if any service calls via Bearer token. Can you please help with this?

I followed the solution provided in this blog, but it only accepts tokens generated by a single Client ID: http://blog.xebia.in/index.php/2017/12/21/spring-security-and-oauth2-with-azure-active-directory/

As of now, below is what I have as part of security in my code, which does user-based authentication:

```java
@Autowired
private AADAuthenticationFilter aadAuthFilter;

@Autowired
private OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService;

@Override
protected void configure(HttpSecurity http) throws Exception {
    // Health probe is reachable without authentication.
    http.csrf().disable().authorizeRequests().antMatchers("/actuator/health").permitAll();
    // Every other request requires an interactive OIDC login (user-based flow).
    http.csrf().disable().authorizeRequests().anyRequest().fullyAuthenticated().and().oauth2Login()
            .userInfoEndpoint().oidcUserService(oidcUserService);
    // Azure AD filter runs ahead of the username/password filter.
    http.addFilterBefore(aadAuthFilter, UsernamePasswordAuthenticationFilter.class);
}
```

Thanks,
Anju










  • Is your scenario similar to docs.microsoft.com/en-us/azure/active-directory/develop/…

    – Tony Ju
    Mar 25 at 1:55

















azure spring-boot






asked Mar 22 at 17:26









Anju
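The check the question describes (accept a bearer token only if it is valid and was issued to one of several known calling apps), as an added example that is not part of the original post or the linked blog. It assumes Spring Security 5.2+ resource-server support and Java 9+; the class name `CallerAllowListConfig` is hypothetical, and the tenant, audience and client-ID values are placeholders to be replaced.

```java
import java.util.Set;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.OAuth2TokenValidator;
import org.springframework.security.oauth2.core.OAuth2TokenValidatorResult;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.jwt.JwtValidators;
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;

@Configuration
public class CallerAllowListConfig { // hypothetical name
    // Placeholders (assumptions): your tenant, this API's audience, the callers' client IDs.
    static final String TENANT = "<tenant-id>";
    static final String API_AUDIENCE = "<this-api-app-id-uri-or-client-id>";
    static final Set<String> ALLOWED_CALLERS =
            Set.of("<caller-1-client-id>", "<caller-2-client-id>");

    // Accept a token only if it was issued for this API and to an allow-listed calling app.
    static OAuth2TokenValidator<Jwt> callerAllowList() {
        return jwt -> {
            if (jwt.getAudience() == null || !jwt.getAudience().contains(API_AUDIENCE)) {
                return OAuth2TokenValidatorResult.failure(
                        new OAuth2Error("invalid_token", "token not issued for this API", null));
            }
            // Azure AD v1 tokens name the calling app in "appid", v2 tokens in "azp".
            String caller = jwt.getClaimAsString("appid");
            if (caller == null) caller = jwt.getClaimAsString("azp");
            return caller != null && ALLOWED_CALLERS.contains(caller)
                    ? OAuth2TokenValidatorResult.success()
                    : OAuth2TokenValidatorResult.failure(
                            new OAuth2Error("invalid_token", "calling app not allowed", null));
        };
    }

    @Bean
    JwtDecoder jwtDecoder() {
        // Signature is verified against the tenant's published signing keys (JWKS).
        NimbusJwtDecoder decoder = NimbusJwtDecoder.withJwkSetUri(
                "https://login.microsoftonline.com/" + TENANT + "/discovery/v2.0/keys").build();
        // Default validators check expiry and issuer (v2.0 issuer shown; v1 tokens use
        // https://sts.windows.net/<tenant-id>/); the allow-list check runs after them.
        decoder.setJwtValidator(new DelegatingOAuth2TokenValidator<>(
                JwtValidators.createDefaultWithIssuer(
                        "https://login.microsoftonline.com/" + TENANT + "/v2.0"),
                callerAllowList()));
        return decoder;
    }
}
```

With this bean defined, enabling `http.oauth2ResourceServer().jwt()` in `configure(HttpSecurity)` makes Spring Security run the decoder on every request that carries an `Authorization: Bearer` header.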
