user3711455

Reputation: 93

Azure Adal with Dropwizard

I am trying to find an example of Azure ADAL (OAuth2) usage with Dropwizard, but can't seem to find anything.

The OAuth2 example on Dropwizard's website is really vague; I can't seem to understand where I would provide my ClientId and token endpoints.

Does anyone have an example of how to use OAuth2 (Azure AD) with Dropwizard?

Upvotes: 2

Views: 372

Answers (2)

Peter Pan

Reputation: 24128

I have no experience with Dropwizard, but I think you might want to integrate Azure AD with your application for calling some Azure services or implementing authentication like SSO.

I searched the user manual for OAuth2 with Dropwizard. It seems to do the authentication and authorization by registering the related REST service into the application container as a filter, like the Spring Framework.

There is a sample on the official Azure site showing how to integrate Azure AD into a Java web application. I think it will help you learn the steps.

Any concern, please feel free to let me know.

Upvotes: 4
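The filter registration this answer describes, sketched as an added example (not code from the thread or from any project mentioned in it). It assumes Dropwizard 1.x or later, the Nimbus JOSE+JWT library on the classpath, and Azure AD v2.0 tokens issued for the application's own registration; `AzureAdAuthenticator`, `tenantId` and `clientId` are hypothetical names, the last two being values you would read from your own configuration class.

```java
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.jwk.source.RemoteJWKSet;
import com.nimbusds.jose.proc.BadJOSEException;
import com.nimbusds.jose.proc.JWSVerificationKeySelector;
import com.nimbusds.jose.proc.SecurityContext;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier;
import com.nimbusds.jwt.proc.DefaultJWTProcessor;
import io.dropwizard.auth.AuthenticationException;
import io.dropwizard.auth.Authenticator;
import io.dropwizard.auth.PrincipalImpl;
import java.net.URL;
import java.text.ParseException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Optional;

// Hypothetical class: validates Azure AD bearer tokens for Dropwizard's OAuth filter.
public class AzureAdAuthenticator implements Authenticator<String, PrincipalImpl> {
    private static final String AUTHORITY = "https://login.microsoftonline.com/";
    private final DefaultJWTProcessor<SecurityContext> processor = new DefaultJWTProcessor<>();

    // tenantId and clientId are placeholders supplied by your own configuration.
    public AzureAdAuthenticator(String tenantId, String clientId) throws Exception {
        // Signature check: keys come from the tenant's published JWKS document.
        URL jwks = new URL(AUTHORITY + tenantId + "/discovery/v2.0/keys");
        processor.setJWSKeySelector(new JWSVerificationKeySelector<>(
            JWSAlgorithm.RS256, new RemoteJWKSet<SecurityContext>(jwks)));
        // Claim checks: aud must be this app, iss must be this tenant, sub/exp must exist.
        processor.setJWTClaimsSetVerifier(new DefaultJWTClaimsVerifier<>(
            clientId,
            new JWTClaimsSet.Builder().issuer(AUTHORITY + tenantId + "/v2.0").build(),
            new HashSet<>(Arrays.asList("sub", "exp"))));
    }

    @Override
    public Optional<PrincipalImpl> authenticate(String token) throws AuthenticationException {
        try {
            return Optional.of(new PrincipalImpl(processor.process(token, null).getSubject()));
        } catch (ParseException | BadJOSEException e) {
            return Optional.empty(); // malformed, bad signature, wrong aud/iss, expired: 401
        } catch (Exception e) {
            throw new AuthenticationException(e); // e.g. JWKS fetch failed: server error, not 401
        }
    }
}
// Register in Application.run(): environment.jersey().register(new AuthDynamicFeature(
//     new OAuthCredentialAuthFilter.Builder<PrincipalImpl>().setAuthenticator(
//         new AzureAdAuthenticator(tenantId, clientId)).setPrefix("Bearer").buildAuthFilter()));
```

The service only validates tokens here, so the client ID appears as the expected audience; the token endpoint is used by the client that obtains the token, not by this filter.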

Martyn C

Reputation: 1139

I don't have any experience of Dropwizard at all but I did manage to find some sample code on GitHub which may help you.

I would like to point out a small disclaimer I noticed on the readme section.

> This project is only in use for internal projects at CommerceHub. You should be familiar with the auth section of the DropWizard manual.

That said as a sample it looks fairly viable to me, hopefully this will help you. Here is the sample configuration they posted for reference.

    ad:
      domain: my.company.example.com  # No Default
      domainController: my-fav-dc.my.company.example.com # Default: <domain>
      sslEnabled: true  # Default: true
      usernameFilterTemplate: (&((&(objectCategory=Person)(objectClass=User)))(sAMAccountName=%s)) # Default: <As shown> %s replaced with the sAMAccountName
      attributeNames: # Default: <As Shown>. first two are required. Will be fetched as String.
        - sAMAccountName
        - memberOf
        - mail
      binaryAttributeNames: # Default: empty. Will be fetched as byte[]. Need for the ones below.
        - objectGUID
        - objectSid
      connectionTimeout: 1000 # Default: as shown in milliseconds
      readTimeout: 1000 # Default: as shown in milliseconds
      requiredGroups: # Default: <empty>
        - All
        - Of
        - These
        - Are
        - Required
        - Or
        - You
        - Get
        - A
        - 401

I have also included the example from the page here as well:

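    // Dropwizard 0.9.x imports; the Ad* classes come from the library being quoted.
    import io.dropwizard.auth.AuthDynamicFeature;
    import io.dropwizard.auth.AuthValueFactoryProvider;
    import io.dropwizard.auth.basic.BasicCredentialAuthFilter;
    import org.glassfish.jersey.server.filter.RolesAllowedDynamicFeature;

    @Override
    public void run(HelloWorldConfiguration configuration, Environment environment) throws ClassNotFoundException {
        // ...

        // dropwizard 0.9.x: Basic-auth filter backed by the AD authenticator
        environment.jersey().register(new AuthDynamicFeature(
                new BasicCredentialAuthFilter.Builder<AdPrincipal>()
                    .setAuthenticator(AdAuthenticator.createDefault(configuration.getAdConfiguration()))
                    .setRealm("MSAD")
                    .buildAuthFilter()));
        // Enables @RolesAllowed on resources and @Auth AdPrincipal parameter injection
        environment.jersey().register(RolesAllowedDynamicFeature.class);
        environment.jersey().register(new AuthValueFactoryProvider.Binder<>(AdPrincipal.class));

        // dropwizard 0.7.x: use this single registration instead of the 0.9.x block above
        environment.jersey().register(new BasicAuthProvider<>(AdAuthenticator.createDefault(configuration.getAdConfiguration()), "MSAD"));

        // ...
        environment.jersey().register(new ProtectedResource());
    }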

Upvotes: 1
