How to authenticate user using Spring Security for REST API -

-

I'm searching for a lot to answer this question. While reading many resources, including spring security documentation, I am still completely away from understanding how a user can be certified for the REST API using Spring Protection.
Here's what I want to do:

  • 1) I want to apply authentication like Amazon S3 service using public-private key
  • 2) For that I request a HMCAC token and authorization header or public key of my own custom header
  • 3) I want to use spring security to obtain server-side handling of tokens as follows: Ul>
  • 1) Public with header Receive the funds
  • 2) Store personal keys in the database by using My Cutom UserDetailService class
  • 3) Calculating HMAC token on request on server and using private key Like I do on the client
  • 4) Compare two tokens to verify the user
  • 5) If successfully, store the authentication object in the security calculator.

From the top I do not believe how to do this in Spring Protection, what I have understood is:

  • 1) With a custom filter, a & lt; Http & gt; Use element I have done it 

       & Lt; / Http & gt; 2) Now I can access the header in this filter and I can use the public key about it. 
     However, I'm not sure how I can regain it. Private key from the database using this public key Do I need to use custom authentication manager or authentication provider? And how to do it. Can I inject directly into the filter bean as my UserDetailService Bean?
  • 3) If I do not need to use custom authentication manager or authentication provider and I can inject UserDetailService directly into the filter bean, do I need custom authentication enterpoints?
  • 4) Assuming I'm able to get certification and authentication in the filter, I just need to call the chain. Doffilter and request will be forwarded to the appropriate controller?
  • 5) How do I use 401 responses at the client or custom authentication entry point if the authentication filter fails? If so, then?
  • 6) I have to add authoritates to user details to set up the User Details Service implementation and set it in the UserDetails object. Simply set up the certification object in the security context and get the job done authentication once our certification will be successful?

If necessary I can post more code for clarity.


Comments

Post a Comment

Popular posts from this blog

java - org.apache.http.ProtocolException: Target host is not specified -

-
I have written a simple httprequest / response code and I am getting this error below: I used to type in my classpath httpclient, httpcore, common -Codecs and general logging. I am very new to Java and I do not know what's going on here. Please help me. code: import org.apache.http.client.HttpClient; Import org.apache.http.client.methods.HttpGet; Import org.apache.http.HttpResponse; Import org.apache.http.impl.client.HttpClientBuilder; Import org.apache.http.Header; Import org.apache.http.HttpHeaders; Public class UnshorteningUrl {public static zero main (string [] args throws exception {HttpGet request = zero; HTTP Client Client = HTTP ClientBuilder.credit (). Build (); Try {Request = New HTTP Gate ("trib.me/1lBFzSi"); HttpResponse httpResponse = client.execute (request); Header [] header = httpResponse.getHeaders (HttpHeaders.LOCATION); // Preconditions.checkState (headers.length == 1); String new url = header [0] .getValue (); System.out.println ("new url...
Read more

java - Gradle dependencies: compile project by relative path -

-
Is it possible to specify a dependency on another gradeal project in the granular (in android studios) outside the current project limits? For example, with a relative path like this: dependence {collection project ('../../ stdlib / dagger'}} MyApp (path / user / foo / workspace / mypad) The app (Path / User / Foo / Workspace / MyPass / App) And I have an Android Library Project with 3 subdomules: stdlib (path is / user / foo / Utilities (Path / User / Foo / Workspace / Stadlib / Utilis) http (Path / User / Foo / Workspace / Stadlib / HT) / Li> What I have to do is compile the Dagger, Util, http module in the MyApp project. The Stidelib Library module under heavy development And MyApp will grow in the form of Growth, so I do not want to push them into a Mewen repository. I am a little change. is likely to add another Gredle projects in some way? I will push the study library into the Maven repository after the source is in search of a temp...
Read more

ruby on rails - Object doesn't support #inspect when used with .include -

-
So I have participated in a glitch error that I do not even know how to debug. I am very new to the railing, so it has kicked my ass well when I use the .includes (school) seen by the student, it gives a blue box error, But when I look at any other model and .includes (school) , the school works just fine. class student & lt; ActiveRecord :: Base has has_many: relationships, foreign_key: "liker_id", dependent :: has_many: matches, foreign_key: "student_1_id", dependent :: deleted belong_to: school belong_to: conference belong_to: would_you_rather belong_to: home city belong_to: year is_to: Major and class school & lt; on the console activatecord :: Affiliate for the base: conference includes: respondent, class: "school", foreign_key: "rival_id" (e.g. For: School) Select SQL generated Select "School". * "School" from "school" "ID" IN (1) error message back NoMethodError: u...
Read more