spring-cloud-dataflow JDBC authentication - spring-cloud-dataflow

Spring Cloud Dataflow is awesome. It's marvelous and working like a charm.
Only problem we have encountered in missing JDBC authentication. FileBasedAuthetication is not safe and everyone do not LDAP. Huge chunk of users still prefer to use JDBC authentication.
It will be of great support if you help me with JDBC authentication. Do let me know how to implement it, any document or URL be of great help.

You can still add a custom JDBC authentication (via any Spring Boot managed SecurityConfigurer - GlobalAuthenticationConfigurerAdapter) and have it as a bean in your custom Data Flow server configuration(by running it via #EnableDataFlowServer).
You can also contribute the same to Spring Cloud Data Flow.
Thanks!

Related

Java Spring Application - Integration with Azure AD for SSO

I have a Java Spring MVC application (note that its not spring boot).
We have a requirement to implement SSO for the users of our application. I did some research, the identity provider (IDP) in our case is Azure AD. The service provider would be my application in this case. I am thinking of using SAML protocol for SSO.
Also note - The application is http based (not HTTPS)
What I've done so far -
I've created an Enterprise Application on Azure and configured entityId and replyURL. I also added a user for this application.
Where I'm stuck -
Although I did read the related Spring documentation to achieve this, since I'm a newbie here, I still don't have a clear path as to how can I take this forward in my application. I found some solutions, they seem to be examples for spring boot. Can someone please help me with guides as to how this can be done in Java Spring? Which maven dependency I could use and any sample example to start working with SAML? A step by step explanation would be highly appreciated, thankyou.
Also, any other options than SAML would also be fine.
The Spring Security SAML extension (https://docs.spring.io/spring-security-saml/docs/1.0.0.RELEASE/reference/html/index.html) had an example web app. You may read the referenced doc and apply it to Spring Security SAML. It should not be too much difference.
I’m very glad to register the flow in the event of implementing Azure AD B2C OIDC/OAuth protocol with existing Spring MVC architecture.
Below Spring docs reveal that how was our existing project's spring-security layer being served in the context of filter-chain.
Pre-requisites
Authentication Filter - Form Based Login with Legacy IDP
Authentication Manager – Providing the user details authorities along with http session object
For accomplishing this Azure B2C Integration, we've gone thro' lot of repos but most of them are relying with Java config based but we were interested on Spring namespace with limited code/architectural change.
Then finally we came to the conclusion that how to extend the spring default auth-filter/manager for getting valid session object from security context based on the Azure provided (id/access) token after the successful user authentication.
Customizing Spring-Security
The detailed documentation on how to extend auth-filter/manager is available here with © reserved by terasoluna.org
We customized the spring security in such a manner that auth-filter will carry the token_validation against the given token from Azure and authentication manager will extract user details such as roles/privileges w.r.t to the object-id mapped in our DB's user entity.
Once the Spring security customization is done then we can able to integrate the Authorization-server [Azure in our case] and Resource-server [Existing Spring Application] by following the conventional methods.

Configuring grails spring security plugin work with documentdb

Kindly help me to connect grails spring security plugin to work with DocumentDB for storing and retrieving the credentials. I am not using gorm to work with DocumentDB in my application.
According to: http://alvarosanchez.github.io/grails-spring-security-rest/latest/docs/#_token_storage
The tokens are stored on the server using a tokenStorageService bean. The plugin comes with out-of-the-box support for JWT, Memcached, GORM and Grails Cache, but you can use your own strategy implementing the TokenStorageServiceinterface.
You need to implement TokenStorageService interface to connect to DocumentDB using the Azure DocumentDB Java SDK.
Please let me know if you need help on this.

Spring Data Neo4j in combination with Spring-Social and Spring-Security

I am in an early stage of a small Spring-based project which utilizes Spring Data Neo4j with an embedded database (but possibly could use a server instance in a later development , too).
My data model and relationships have been designed, Spring Security (with Neo4j), MVC and tiles are set up and also seem to be fully functional.
Now I have the additional requirement to allow login with social networks.
I'm really stuck with trying to integrate Spring Social with my above mentioned setup. Basically I have a rough idea that I need to make use of the cross-store Neo4j component but have no real clue, how I could start with it.
I tried to find something useful for my case (SDN Neo4j + Spring Social Security) on github but was not really successful with that either.
Can anyone provide me an example configuration or even point me to some examples (I obviously didn't find before) ... any help is highly appreciated.
I don't think there is a Spring Social connector yet, but it shouldn't be too hard to write (there is one for Mongo). If nothing else, you can use the https://code.google.com/p/google-api-java-client/ directly form a service, exposing the google oauth callback from a Spring Controller, should work too.
https://code.google.com/p/google-api-java-client/
Neo4j connection repository for Spring social has been implemented here using neo4j-ogm. You can reuse that. https://github.com/maciossek/spring-social-neo4j

Tivoli Access Manager with Grails spring security

Does anyone over here has experience integrating TAM with Grails spring security for single sign on. If so can you help me get a quick start or point to any tutorials.
Thanks
You would probably want to use Spring Security's pre authentication feature and examine the header sent from TAM. To do so you would write your own authentication provider which is really simple and just looks for the header. See this for some more information

Securing Jersey RESTful services with spring-security-core using jaxrs plugin

I'm needing to implement some RESTful webservices for a client in a Grails app and I want to use the jaxrs plugin but I am having a heck of a time finding information on how to implement security that isn't realm based (tomcat-users.xml). I am using the spring-security-core plugin and I'd like to utilize it to authenticate against my webservices. How do I send credentials to the webservice and then authenticate those using spring security? Can someone point me in the right direction?
I found the following and used a modified version of the solution to solve my problem
http://blogs.bytecode.com.au/glen/2010/01/15/hacking-custom-authentication-providers-with-grails-spring-security.html

Resources