Supporting service returns Unauthorized which is unauthenticating the valid login for hosted end points
We are using Spring Security OAuth2 with WebFlux, if any of our supporting API return 401 because of their implementation, current valid login is removed and subsequent calls are failing with 401. How to avoid this situation if 401 is returned from white listed paths only.
Support of OIDC backchannel logout using XML security config
I do not see any simple way to introduce the Spring Security backchannel logout in the current Spring Security Config XML configuration. The namespaces do not contain the java DSL OIDC backchannel logout possibilities. The documentation refers to reactive stack which was not yet required and it is not yet available.
How to replace deprecated ResourceServerTokenServices in spring security 5?
I’m trying to migrate an OAuth 2.0 Resource Server from Spring Security OAuth 2.5 to Spring Security 5. This resource server is using a tokenServices implementing ResourceServerTokenServices. From reading the documents and searching the internet so far, I still haven’t found out what I can use to replace this tokenServices in Spring security 5. I’d appreciate any help.
using spring security 6.2.4 but I can’t find the hasScope check in HttpSecurity
According to this documentation https://docs.spring.io/spring-security/reference/servlet/oauth2/resource-server/jwt.html
spring security code migration from 2.X.X to 5.7.X. Facing issue with setting resourceId
My Code:
Injecting @RegisteredOAuth2AuthorizedClient to a non controller bean
Is it possible to inject @RegisteredOAuth2AuthorizedClient to a non controller bean that is request scoped?