Secure a Spring Boot 2 API
Question
I spent a lot of hours to try to understand but without success.
All I can find doesn't correspond to what I want to achieve. My need is to secure my Spring Boot API but I want to use Google as the identification. After that I want to map the user datas (essentially name and email) with my database to implement Roles to grant different accesses regarding these roles.
Here are my questions to be sure and know where to start:
1-As far as I know in this case, Google is the Authorization Server and my API the Resource Server. Is that right?
2-I can find some tuto about ResourceServerConfigurerAdapter but it seems depreceted. For my API, do I have to use the WebSecurityConfigurerAdapter instead?
3-Do I have to use JWT?
4-How to test with Postman? Send a request to the Google server to get the token and send the Token to the API.
Help would be really appreciated as I spent a lot of time without success.
1 answers
solution1
0 2020-05-12 23:01:09
Go through this tutorial for brief understanding of Spring Security. You should use OAuth Authentication for using google as your authentication, Please check this video under the same playlist. Hope this helps..
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.