What is the correct way of integrating Google+ login with Spring Security?
I saw that there is http://projects.spring.io/spring-security-oauth/, but not sure how (and if it's possible) to integrate with Google+.
Related
In my vaadin application I need to login using facebook and google signin with integration of shiro and oAuth2 module. I tried using pac4j but I'm not able get properly.
Can any one suggest some examples?
I am building a new application using microservices with a frontend UI using React JS. I have created an auth microservice using Spring Boot and OAuth 2.0. For single page applications I have read that I should use the implicit grant instead of the password grant. The auth microservice will support this but my question is where would I implement the UI for the user to put their username and password? Would it be within the auth microservice or would I have to create a separate UI application?
The authentication form will be on your auth microservice. Think for example as you use google login. You'll see google login page even if you have your own microservice. It's because authentication provider is google and you redirect user to login to google.
I implemented all grant types a while back. May be this will help you.
We have an App which uses Spring Security along with username/password credentials. We want to add the ability to use Google+ as an alternative sign in option. In the user record, I would store the google user id along with the authenticated token rather than a password.
However, I have not had any success finding any docs or guidelines about how to do so. The spring security docs provide a way of doing it via openId, but Google recommends using Google+ Sign-in or OAuth 2.0. I have found plenty of information about how to access oauth restricted resources from google, but none that use google as an authentication provider.
I may have to dig in and figure out how to implement my own spring authentication provider and user details solution for use with google authentication, but I would love it if someone could point me to where it has already been done, as I would be amazed if no one has done it before, and I'd prefer not to reinvent the wheel.
Thanks in advance.
I ended up using pac4j and spring-security-pac4j
I have a grails app configured with spring-security-core and I need to allow Facebook / Twitter logins. I'm using the facebook plugin for grails and I'm using twitter4j for twitter authentication. Currently, I am successfully authenticating against Twitter and Facebook.
I'm wondering how I am to integrate those logins with Spring security. If a user logs in with Twitter I am assuming I need to create an account in my database and then use that account to process a login for Spring Security so that it wires up the session appropriately and all the authentication checks happen based on my #Secured annotations and tag usage in my views.
Something similar, I am guessing, needs to happen based on Facebook logins. Can someone point me in the right direction to get this implemented correctly?
A really good resource for understanding how to integrate an external authentication source is this article by Luke Taylor:
http://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/
Grant
Do I need to write a custom authentication provider to use facebook connect with account registration + authorization for the Spring Security plugin in Grails? I am trying to offer the traditional application registration with facebook connect in a grails dev app using Spring Security. Does this make sense? Any ideas?
You can inspiration in spring-security-facebook project. But the project is no longer has an active development.
Other possibility is to use Apache Shiro plugin which has facebook login or nimble plugin.