EN | ES
To facilitate the integration of the Spring Boot web applications developed on the OpenPlatform, with the authentication and platform Realms, we provide the onesaitplatform-web-security-client library, which has the following dependency:
...
Once the authorities and Roles have been defined, we assign them to the users. In this case, we assign the user jfgpimpollo the ROL_USER and the auth1 authority:
...
With this, we already have the role management and its assignment to users in the OAUTH2 platform server through the REALM of the application. Then Next we use it from our application:
...
| Code Block | ||
|---|---|---|
| ||
<repositories> <repository> <id>onesait</id> <url>https://nexus.onesaitplatform.com/nexus/content/repositories/releases/</url> </repository> </repositories> |
ThenNext, if we have not yet enabled Spring security in our application's pom.xml, we add the dependency:
...
The next step is adding the properties that the security library needs, which are basically the configuration parameters to connect to the OAUTH2 server that manages the application's Realm of the application, to the application.properties or application.yml. Specifically, these are the following properties (in .yml format):
...
- baseurl: It is the url of the OpenPlatform instance used by the application.
- clientId: Application's Realm's identifier.
Bear in mind that, once Spring Security is enabled in our Spring Boot application, the later has been secured by the self-configuration that Spring Boot does, so we will have to decide which urls we escape (at least the login one), also indicating that we are securing resources through OAUTH2 (We extend from ResourceServerConfigurerAdapter instead of WebSecurityConfigurerAdapter). We will add something of this style to our application:
...