Questions tagged [spring-security-6]
The spring-security-6 tag has no usage guidance.
spring-security-6
32
questions
0
votes
2
answers
56
views
OAuth2AuthenticatedPrincipal not loaded after introspect is executed
I have created a Spring Security 6 project with opaque token configuration implemented in resource server. I already have an authorization server deployed both to test/prod environments.
My ...
0
votes
1
answer
65
views
How to implement Persistent Token based remember me services in custom Authentication Filter Spring Security 6 / Spring Boot 3.1
I am trying to understand Spring Boot security properly.
This is the last sticking point I have and the documentation lacks a lot of detail.
All the other examples and questions are too old and not ...
1
vote
1
answer
62
views
Security Context with HttpSessionSecurityContextRepository always returns 403 after successful authentication, Spring Boot 3.3
Im revising and learning Spring Boot. With the 3.3 latest version, there are issues saving the security context in the session.
What I am trying to do is have a regular Server side stateful session ...
0
votes
0
answers
36
views
Spring Security hasAuthority not securing endpoint [closed]
I'm trying to secure an endpoint .requestMatchers("/user/players").hasAuthority("ADMIN") so that only User with role = 'ADMIN' can access it.
Problem I'm facing is when using ...
0
votes
1
answer
88
views
Calling any private (non-public) REST requests causes PKIX path building failed problem on Spring Security 6 (OAuth2ResourceServer)
I recently migrated to Spring Boot 3, Java 17 & Spring Security 6.
I have a working authorization server already deployed for testing and prod environments, so there is no need to implement it ...
1
vote
0
answers
28
views
How to configure 'userDetailsService' while migrating Spring Security 5.x to Spring Security 6.x
We are migrating our application from SpringBoot2.x to SpringBoot 3.x, as a result we need to migrate SpringSecurity from 5 to SpringSecurity 6.
While migrating I am facing the below error :
In the ...
0
votes
0
answers
46
views
Blank Login Page Spring Security 6.2.3 and Spring Boot 3
I am getting a blank page after hitting my custom login page URL i.e. mapped to /login. I am getting a 200 response code but showing an empty page in the browser although I my login page contains the ...
0
votes
0
answers
106
views
Cors Error when connecting react app to spring boot 3.2.5 and spring security 6.2.4
Spring Boot: 3.2.5
Spring security: 6.2.4
In the below code:
@Bean
JwtDecoder jwtDecoder(RestTemplateBuilder builder) {
RestOperations rest = builder.setConnectTimeout(Duration.ofMillis(TIME_OUT)...
0
votes
0
answers
17
views
what is Isuue to switchIfEmpty() method order in ExceptionTranslationWebFilter?
My spring security version is 6.2.3.
My security filter sequence is
{ServerHttpSecurity$ServerWebExchangeReactorContextWebFilter@12858}
{HttpHeaderWriterWebFilter@12859}
{ReactorContextWebFilter@...
0
votes
0
answers
74
views
Renew/Rotate refresh token with spring security 6 OAuth server
How can we enable refresh tokens to be auto-renewed(rotated) when a request is made with refresh_token grant_type. Currently the access token is renewed everytime is request is made but the ...
0
votes
0
answers
33
views
SpringSecurity6 - implement AuthorizationManager with MetadataSource
Thanks for reading.
springsecurity5.x : config
`
@Bean
public FilterSecurityInterceptor filterSecurityInterceptor() throws Exception {
FilterSecurityInterceptor filterSecurityInterceptor = new ...
0
votes
1
answer
395
views
Redirect to OAuth2 login page in Spring MVC with Spring Security 6
I have an Spring MVC jsf application. Each page/endpoint requests are secured with customAuthorizationManager.
I'm trying to redirect any unauthenticated/unauthorized request to our OAuth2 server's ...
0
votes
0
answers
236
views
Spring boot security 6 - swagger 3: CSRF token only worked second call
I'm implementing spring boot security in our Java 17 project which uses Swagger 3. The login procedure appears when navigating to the swagger-UI before we can call one the endpoints. Which is normal. ...
2
votes
2
answers
888
views
Spring Boot 3 Authorization server config for token generation with TokenStore
I'm trying to create an oAuth-service using spring security in spring boot 3.2 during the integration of spring security. However, while developing, I discovered several classes that are "...
0
votes
1
answer
165
views
Problem with h2 database in spring boot 3 with spring security 6 [duplicate]
I get error:
This is because there is more than one mappable servlet in your servlet context: {org.h2.server.web.JakartaWebServlet=[/h2-console/*]
Tried everything and it doesn't work, currently have ...