I'd like to give users the option to login to a Spring Boot web application using their Google or Facebook account.
I checked The Spring Cloud Security documentation and also This GitHub issue to add such SSO functionality, but on both they only show how to configure one SSO server, so it's either Google or Facebook.
How can I add both options? on the web front-end I will add a button for each option so the users can choose which account to use, either Google or Facebook.
Or I am choosing the wrong package and should use something different altogether to achieve this?
Thanks!
You basically have to install a separate authentication filter for each provider. There's a tutorial here: https://spring.io/guides/tutorials/spring-boot-oauth2/.
Related
I have a java application running on tomcat server which uses JAAS authentication to configure the app among three users (superadmin, admin, customer).
Now, I have to integrate the app with SAML just for the end-user (customer).
I've gone through a lot of blogs and videos related to it. But everything involves a build tool within.
Whereas this app has been built manually through console (without IDE). It would be very helpful if you could provide me with an example to refer to meeting my requirements.
I am currently building an android application for my final year degree project but at the moment I have very basic login functionality.
At the moment it is just a username and password stored in a MySQL server, the program fires off a request which runs some PHP to check to see if the username exists in the table and the password is correct. This won't be anywhere near secure enough, I just wanted a placeholder while I got on with other parts of the app.
I've been looking at existing frameworks which can provide secure authentication/authorization as well as session management so the user doesn't have to constantly log on whenever they re-open the app. Apache Shiro (https://shiro.apache.org/) sounds like a potential solution but I've had a good search on Google but haven't found any examples in which it is used for Android projects.
Does anyone know if it is possible to use it for Android Apps? Or if there are any decent alternatives?
Thanks,
Mike
A security service is deployed in a "remote" machine (the server). Your Android app (the client), when a user tries to login, sends a POST to a "/login" endpoint exposed by the server. If successful it will reply with a cookie that the client will use in the further request to identify its session. It is not difficult with a maven project Spring and Shiro libraries, but you need to implement at least a simple WebApp (expose /login, use shiro to verify the credential) deployed in a separate server. If you are ready to write two java app Shiro is a good choice.
I want use jHipster for native mobile app backend. I can register and login through api REST perfectly.
But, how I do a social login through api? I cant find any endpoint
Thanks!
Have you included all necessary dependency in your POM file ?
If yes then you need to make some configurations in properties files and other files in order to configure them. It is explained in more detail Here.
I am sure this will help you.
I'am develop a desktop application using java swings.
I want the authentication to be as secure as possible so please suggest the measures i should be taking to do so
also i want to implement role based authorization such that people with specific roles have access to specific modules of softwares
I've looked for various frameworks like JAAS,Springs, apache shiro but i'am not able to map the idea to a desktop application since most of the tutorials and source available are for web application.
I am creating a web application on GAE. In this application i have to implement the SSO feature using SAML 2.0. I am suffering lot on web but i didn't find any example. I get the knowledge how SAML work, which library i have to use in java. But before starting i want to know if this feature is possible in GAE. I know google apps are based on SAML and provide SSO functionality. But i didn't find any link where it stated that GAE also support SAML and we can create SAML application on GAE. Thanks
I have done some integration with my demo google app engine account. Here i used Java based SAML2 IDP in my local which has been connected to LDAP user store. And using this IDP, i could login to google app account. Here what i understood. We need to configure about the IDP details (uri and so on) in the google account and upload a certificate of my IDP. Then i want to create same user which was in my IDP, in the google app account (I guess, it is for authorization purpose). Once i tried to login to google app, then it redirects me to my local SAML2 IDP and i need to provide user credentials to IDP. Then i would be directed to google app and can login to it. Here is some guide how to enable SAML2 SSO with shibboleth. I guess this would be help you.