Reputation: 9306
Secure Grails Rest Api with Spring Security Rest Plugin
Can I use spring-security-rest as a replacement of Oauth?. My app has server side part and java script client side part where I found that spring-security-rest plugin fits most. But I want to be able to authenticate other apps who want to consume my service (I want to be something like Oauth provider). Does spring-security-rest plugin support this? or should I use another plugin?
Upvotes: 0
Views: 376
Answers (2)
Reputation: 10312
If you are looking only for a simplistic token based authentication for your service, you could leverage the spring security rest plugin and tweak it a little bit based on your need without having to implement the full blown Spring Security OAuth2 Provider plugin. I managed to accomplish something similar with by extending some of the base classes of spring security rest plugin to modify the login payload and authentication and exposed a token/validate as a REST endpoint. I put up this as an independent authentication service that uses the /api/login API for token generation in tandem with the /token/validate to accomplish some kind of validation on token. Not a full blown Oauth scenario but serves the purpose of authentication between consumer and provider services.
Upvotes: 0
Reputation: 904
The plugin is not a fully OAuth provider. Or said in OAuth terminology, is not a full Authorisation Server.
In that case I recommend you Spring Security OAuth 2 Provider Plugin
Upvotes: 1
Related Questions
- How to tie OAuth authentication with Spring Security
- How to secure grails API that uses Azure with Oauth?
- Spring security rest plugin for Grails3
- Authentication using Grails Spring Security REST Plugin
- grails spring security rest plugin
- Securing REST API in Grails and Spring Security
- Securing REST API with Security REST plugin
- Spring Security Authentication with REST API?
- Grails and Oauth2 Spring security
- Adding REST authentication to Grails + SpringSecurity browser app