spring-security

问题 I'm currently creating a simple app for a school project, Spring Boot backend and AngularJS frontend, but have a problem with security that I can't seem to solve. Logging in works perfectly, but when I enter a wrong password the default login popup shows up, which is kind of annoying. I've tried the annotation 'BasicWebSecurity' and putting httpBassic on disabled, but with no result (meaning, that the login procedure doesn't work at all anymore). My security class: package be.italent.security

问题 I am trying to invoke some backend system which is secured by a client_credentials grant type from a Feign client application. The access token from the backend system can be retrieved with the following curl structure (just as an example): curl --location --request POST '[SERVER URL]/oauth/grant' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --header 'Cookie: WebSessionID=172.22.72.1.1558614080219404; b8d49fdc74b7190aacd4ac9b22e85db8=2f0e4c4dbf6d4269fd3349f61c151223' \ -

问题 I am trying to invoke some backend system which is secured by a client_credentials grant type from a Feign client application. The access token from the backend system can be retrieved with the following curl structure (just as an example): curl --location --request POST '[SERVER URL]/oauth/grant' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --header 'Cookie: WebSessionID=172.22.72.1.1558614080219404; b8d49fdc74b7190aacd4ac9b22e85db8=2f0e4c4dbf6d4269fd3349f61c151223' \ -

问题 All, Our IT dept has decided to change the suffix of our users in AD by adding a different suffix to the userPrincipalName in AD to the actual domain being used. e.g. our domain is xxx.com but userPrincipalName is now "usera@zzz.tech" whereas before it was "usera@xxx.com". The Spring LDAP AD authentication no longer works with this because of this reason I think: userPrincipalName is built up using name + domain when it tries to authenticate. I need to override this somehow - but keep with

问题 All, Our IT dept has decided to change the suffix of our users in AD by adding a different suffix to the userPrincipalName in AD to the actual domain being used. e.g. our domain is xxx.com but userPrincipalName is now "usera@zzz.tech" whereas before it was "usera@xxx.com". The Spring LDAP AD authentication no longer works with this because of this reason I think: userPrincipalName is built up using name + domain when it tries to authenticate. I need to override this somehow - but keep with

问题 I am new to spring security, and i come across to implement OAuth2 with client_credentials as Grant type. i am using below piece of code, but i am getting suggestion that ClientCredentialsResourceDetails, OAuth2RestTemplate & OAuth2AccessToken are deprecated. Can someone help with the alternate to this ? private String getAuthTocken(){ final ClientCredentialsResourceDetails resourceDetails = new ClientCredentialsResourceDetails(); resourceDetails.setClientId("ceapiClientId"); resourceDetails

问题 I'm building a REST back end based on spring and i'm using spring security to secure the requests. But i'm lookin for an issue to login by sending parameters in json rather than defaults parameters sent by the default login page of spring security. I'm working with spring security 4.0.1 and spring 4.1 Any issue please? 回答1: If you're using just username and password, you can simply add a new filter to the stack, akin to the existing UsernamePasswordAuthenticationFilter , that would react to a

问题 I'm building a REST back end based on spring and i'm using spring security to secure the requests. But i'm lookin for an issue to login by sending parameters in json rather than defaults parameters sent by the default login page of spring security. I'm working with spring security 4.0.1 and spring 4.1 Any issue please? 回答1: If you're using just username and password, you can simply add a new filter to the stack, akin to the existing UsernamePasswordAuthenticationFilter , that would react to a

问题 I am using SpringBoot,springsecurity and jdk 1.8. When I am trying to open any secured thymleaf page in iframe on Chrome, then it is rediecting me to login page every time. It is working fine on firefox and IE. And When I try to open the same URL without iframe, it is working fine. I have already given much time to solve ,but could solve it. Below are my spring security conf file code. One more thing both domains are different. @Override protected void configure(HttpSecurity http) throws

问题 I'm using authorization of OAUTH2 using Spring Security and Spring boot and getting the following error: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'OAuth2LoginSecurityConfig': Unsatisfied dependency expressed through method 'setContentNegotationStrategy' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.springframework.boot.autoconfigure.web.servlet