I'm developing a Java application using JPA, EJB, CDI, JAX-RS and AngularJS, running on a WildFly.
Currently I use basic authentication, but I would like to improve it with other authentication options, such as Facebook, Twitter or Google+.
Spring Social provides a nice set of features to connect with social networks, but I'm not using Spring on my application.
My questions are:
Does Spring Social play well with EJB?
Is there any example?
Is there an alternative to Spring Social in order to connect with social networks?
I'm running a web application using exactly the same stack and I'm successfully using Spring Social for Facebook authentication.
To answer your questions:
Spring Social is a class library, sure you can use it with EJBs, in
my project I've actually created an abstract interface between a
facade EJB and various Spring Social providers;
you can find code
examples on the Spring Social web page, look at Spring Sample
Projects;
every social gives you libraries and tools to connect with
them, whereas the Spring Social library gives you a uniform interface, making your code more simple and maintainable.
Related
I had written a Google App Engine application two years back with App Engine Cloud Endpoints as well as Datastore (Java application).
Now, I have to integrate an application which is written in Spring Boot.
After integration, my expectation is that Google App Engine Cloud Endpoints should work fine as well as the Spring Boot application.
More info: Integration means, two years back I had written an application using this sample project:
https://github.com/GoogleCloudPlatform/java-docs-samples/tree/7f5772f91a203ce266804cfbe89429e2bb026273/appengine/endpoints-v1-helloworld
Now, I have a Spring Boot application which is similar to this:
https://github.com/GoogleCloudPlatform/getting-started-java/tree/master/appengine-standard-java8/springboot-appengine-standard/src/main/java/com/example/appengine/demos/springboot
My question: Is it possible like this?
If you want to use the management features of Endpoints with a Spring Boot application, this is officially supported on App Engine Flex. It's theoretically possible on App Engine Standard, but is not a supported scenario. If you want an application that is using the API framework and Spring Boot, I suppose it is possible, though I don't know why you would want to use two different web frameworks. It would be far more efficient to use one or the other.
I´m building a web application which comunicates server and clients through REST services (I´m planning to build a mobile app in mid term).
I´ve used Spring Security in other web applications without REST services. But I´m not sure if that approach is suitable for my scenario.
Is it possible secure both access to web pages and calls to REST services using Spring Security? What would you recommend?
Backend uses Spring Data + Spring MVC.
Thank you.
Yes, Spring Security is a good way to secure both REST endpoints and traditional MVC webpages. The implementation can be similar for both your REST endpoints and MVC routes depending on your requirements.
Spring Security is a popular and effective way to add security to your Spring application. Since you already have experience with it, you should be able to secure your REST endpoints with relative ease.
Check out this detailed tutorial on securing REST routes with Spring Security to get started: https://spring.io/guides/tutorials/rest/5/
I am developing RESTFUL Java application in this i use JERSEY library. In my application i have to authenticate user with spring security OAuth 2.0 library. I am in need of both provider and client. I have searched lot in internet.
Can any one share a simple example or any nice tutorial with basic steps
Thanks in advance
Can anyone recommend a Java Security Framework that supports authentication with OAuth and OAuth so that we can offer integration with the likes of Google/Twitter/Facebook etc. as well as other security features such as cryptography, password reset, security questions etc. I've looked at Apache Shiro which looks good but doesn't seem to have the Social side of things covered. I've also investigated Spring Security which seems to cover as lot of areas but I'm not sure whether you need to be using Spring MVC to use this (we're using Wicket + Spring for the service layer).
Any recommendations appreciated.
Spring Security covers all the areas you need (the social stuff is called Spring Social, you can have a look at it).
Also no you don't need to be using Spring MVC. Any web framework can use Spring Security.
Check Oracle Fusion Middleware (Oracle ADF 11g.)
I currently have a Google App Engine app consisting of two parts:
A website using old school JSPs
A RESTful service implemented in Jersey
I've been trying to figure out how to shoehorn authentication into the web service but am rather lost since I've never used Spring before, and it sounds like that's the way to go.
Must I use Spring, or can I use Java EE? Are there any examples of how to accomplish this with Google App Engine?
Also, if I can get a high level description of some best practices for securing web services, that would be cool.
Thanks
Mark
app engine has built in OAuth support, which should do what you want.
I recomend you use apache shiro instead of spring because performance more over if you haven't got experience with spring. Apache shiro is a security framework and it could be integrated with GAE. You also can find a example in githubhow integrate the framework in GAE with Guice library.
Anyway for use Spring in GAE you also can find same best practice on Google Cloud Platform documentation