java - Authenticate a Springboot Application against another application using Basic Auth -


how can authenticate spring boot application against third party application?

according examples implementing basic auth using spring security, user , password validated want validate against 200 response service. here's how user can authenticated: user sends credentials basic auth access springboot rest service -> springboot service makes request basic auth header third party service -> receives 200 ok , authenticate end user access urls on rest service.

@configuration @enablewebsecurity public class springsecurityconfig extends websecurityconfigureradapter {      @autowired     private authenticationentrypoint authentrypoint;      @override     protected void configure(httpsecurity http) throws exception {         http.csrf().disable().authorizerequests()                 .anyrequest().authenticated()                 .and().httpbasic()                 .authenticationentrypoint(authentrypoint);     }      @autowired     public void configureglobal(authenticationmanagerbuilder auth) throws exception {         auth.inmemoryauthentication().withuser("user").password("password").roles("user");     }  } 

you have implement own authenticationprovider. example:

public class thirdpartyauthenticationprovider implements authenticationprovider {      @override     public authentication authenticate(authentication auth) thows authenticationexception {         // call third party site auth.getprincipal() , auth.getcredentials() (those username , password)         // throw authenticationexception if response not 200         return new usernamepasswordauthenticationtoken(...);     }      @override     public boolen supports(class<?> authcls) {         return usernamepasswordauthenticationtoken.class.equals(authcls);     } } 

after can override configure(authenticationmanagerbuilder) method in springsecurityconfig:

@override protected void configure(authenticationmanagerbuilder auth) throws exception {     // authprovider = instance of thirdpartyauthenticationprovider     auth.authenticationprovider(authprovider);  } 

Comments

Popular posts from this blog

ZeroMQ on Windows, with Qt Creator -

unity3d - Unity SceneManager.LoadScene quits application -

python - Error while using APScheduler: 'NoneType' object has no attribute 'now' -