Skip to main content

All Questions

Ask Question
Tagged with
23 questions
Newest Active Bountied Unanswered
4 votes
1 answer
3k views

Spring Session (Redis) + Oauth2 + Spring Cloud Gateway fails when restarting application if session already exists

Version Spring Boot Version: 2.6.5 Spring Cloud Version: 2021.0.0 The application built has the following characteristics: It is a reactive application (Reactor + WebFlux) It is an Oauth2 Client ...
Jorge Fiallega's user avatar
Jorge Fiallega
  • 81
1 vote
0 answers
1k views

Spring GW Oauth2 Client and Spring Session Redis - Loop in authentication in round robin cluster

I have a Spring Cloud Gateway service (reactive version) with Spring Security, which is Oauth2 client to a PingID service with Authorization Code Flow. It is going to act as a BFF for a JS SPA client ...
Garci García's user avatar
Garci García
  • 691
4 votes
1 answer
5k views

Spring Boot with Spring Session and Redis - RedisConnectionFactory is required

I am setting up a Spring Boot app that uses: OAuth2 Login Spring Session for authentication Redis for the session storage Using this spring boot application.yaml to enable redis: spring: session: ...
stringy05's user avatar
stringy05
  • 6,948
0 votes
1 answer
488 views

WebSessions not displaying replicating behaviour with Spring Session and Keycloak

I have created an API gateway using Spring Cloud Gateway. The Gateway is using Spring OAuth2 Client to connect to Keycloak. Spring Session is present, configured to work with Redis (@...
Hylton Peimer's user avatar
Hylton Peimer
  • 638
0 votes
2 answers
2k views

Spring boot login using Facebook throws authorization_request_not_found

I'm implementing login using Facebook with Spring Boot, Spring Session and Spring Security OAuth2. My application runs on a local machine and I am using a selfed-sign certificate. I'm using header-...
J.R.Smith's user avatar
J.R.Smith
  • 1
3 votes
1 answer
5k views

How to persist OAuth2AuthorizedClient in redis-session

My project uses redis session with springboot session and spring security 5.1.10. I just migrated the old oauth2 implementation. Before, when I restarted the app I still had the access_token and ...
Danidhsm's user avatar
Danidhsm
  • 81
0 votes
1 answer
523 views

oauth2 spring security with spring session to invalid those users which are inactive for 30 minutes

After 30 minutes of inactivity means (no request with access token is made),than the session will expire and user need to create token again. But if request is done than again 30 minutes will given ...
Nawaz Sharif's user avatar
Nawaz Sharif
  • 1
0 votes
1 answer
544 views

Spring session jdbc - How to add multiple HttpSessionIdResolver for a single application

I have a problem in injecting multiple HttpSessionIdResolver for a single spring application. For normal web application I would like to use CookieHttpSessionIdResolver For Rest API I would go for ...
adithya's user avatar
adithya
  • 29
4 votes
0 answers
953 views

How to define a custom grant type in a Spring Security Oauth2 client?

I have a working api-gateway application built on spring-boot 2.2, which is an Oauth2 client supporting authorization-code grant flow. It is built using spring-boot @EnableOAuth2Sso, which will create ...
Vineeth Vijayan's user avatar
Vineeth Vijayan
  • 41
3 votes
1 answer
2k views

Spring Session/Redis and Oauth2 not working together

Oauth2 and Redis will not play well together. As soon as I'm enabling Spring Session, two session IDs are created after I have been authenticated (OIDC) and sent back to the application — one ...
Erlend Garåsen's user avatar
Erlend Garåsen
  • 181
5 votes
1 answer
1k views

Using multiple OAuth2 clients in single browser session using Spring boot

We have Multi tenant WebApp designed using Spring Boot + Spring Security. This app is used to manage certain resources in Azure. User login into our WebApp using OAuth2.0 and can access Azure ...
JProgrammer's user avatar
JProgrammer
  • 1,135
0 votes
0 answers
2k views

Spring Security Oauth2, app behavior with session disabled

I disabled the session management in my REST service, because I am using Oauth2 to authenticate clients + users. So I have these configurations : Resource server @Configuration @EnableResourceServer ...
akuma8's user avatar
akuma8
  • 4,565
-1 votes
1 answer
64 views

separate oauth2 and web server

Suppose my site is example.com When a user at a client.com wants to login via example.com (with oauth2) He comes to oauth.example.com/authorize and oauth.example.com knows he's not signed in to web....
eugene's user avatar
eugene
  • 41.1k
3 votes
1 answer
2k views

How to protect the same resource using both spring-session and spring-security-oauth

I have a requirement to use two kinds of authentication, for web we @EnableRedisHttpSession and for other consumers like mobile we use @EnableAuthorizationServer with @EnableResourceServer. suppose ...
Ankur's user avatar
Ankur
  • 205
1 vote
1 answer
10k views

Spring boot security custom messages while user login

I am trying to integrate spring security in my spring boot application.All working ok but how do I display a message if the account is expired or account is locked? Also, I do not want to display ...
VK321's user avatar
VK321
  • 5,933

15 30 50 per page
1
2