All Questions
Tagged with spring-cloud-gateway spring-security
139
questions
0
votes
0
answers
29
views
Spring authorization server RP-initiated logout not working
I have a project with spring gateway as oauth client for spring authorization server.
Everything is working fine in terms of oidc authentication besides the logout. Logout does not work due to CORS, ...
0
votes
0
answers
37
views
Spring security logout not working when exceptionHandling.authenticationEntryPoint configured
I have configured a Spring Gateway service with Spring security enabled and oauth2 configured. I can perform the login and logout without any issue, even a custom LogoutSuccessHandler, until I ...
0
votes
0
answers
24
views
Custom Gateway filter order in Spring Cloud Gateway
I am exploring Spring Cloud Gateway. I want to introduce a custom HTTPHeadersFilter for all the routes.
Also i want to protect the gateway with authentication .Hence am using Spring Security. I have ...
0
votes
0
answers
110
views
Issue in Spring Authorization Server and Spring Cloud Gateway refresh_token flow
I have created Spring Authorization Server and Spring Cloud Gateway and everything looks perfect, but I found a problem in the gateway and specifically in the flow based on the refresh token. When ...
0
votes
3
answers
180
views
How to secure microservice websocket endpoint with Spring Cloud Gateway?
I have a microservice architecture based project, for which I have added Spring Cloud Gateway in front. My plan is to centralize security in the gateway. I have added OIDC and OAuth 2 for ...
0
votes
0
answers
85
views
Spring Cloud Gateway + Spring Security + Spring Boot 3
We're migrating all our microservices to Spring Boot 3.
Zuul to be migrated to Spring Boot3. Hence Spring-cloud will be the new API Gateway.
Zuul was acting like a resource server(used JWTs + OAuth2) ...
0
votes
0
answers
35
views
Spring Gateway routes not applied to multiple SecurityWebFilterChains
---> .csrf((c) -> {c.disable();}) for the /api/** security filter chain caused the following to happen for an unknown reason:
The issue is not having the gateway route filters and resources ...
0
votes
1
answer
31
views
Spring gateway dependency causing clientRegistrationRepository cannot be null
The issue is coming because of spring gateway starter mvc, i am using webflux because gateway needs webflux and i am using okta for oauth2.0 implementation.
I created the same project demo with same ...
0
votes
0
answers
21
views
What is the right way of doing custom Authentication in spring WebFlux. In my configuration i have redirect after Authentication problem
I try to implement custom Authentication digital signature based in Spring Cloud Gateway. At this moment i just return true for signature validation.
public class AdsAuthenticationFilter implements ...
0
votes
1
answer
93
views
Spring cloud gateway + spring authorization server api call with postman with bearer token
this is my spring cloud gateway config :
registration:
gateway-client:
provider: auth-service
client-id: coreInsurance
client-secret: F1656E3D-FA7D-FE68-891F-...
0
votes
0
answers
60
views
Ignore authorization for a particular URL in Spring Cloud API Gateway
I have an API Gateway that routes to an Netflix Eureka Discover Server in Spring. I have configured an authorization for the API Gateway but wanted to ignore this API Gateway authorization only for ...
-2
votes
1
answer
294
views
Spring Cloud Gateway with Spring Security for Register / Login using JWT Authententication. 403 Forbidden Error
I'm learning SpringBoot for a microservice application project.
I'm using Keycloak Client Authentication Route with Service Accounts Role and I've added the keycloak Configuration to the API Gateway ...
0
votes
0
answers
38
views
Websocket request is ignored in Spring gateway security
I have a problem with connecting spring WebSocket(Using sockJs).
Currently, we are using a gateway service(written in spring boot) to redirect incoming requests to appropriate micro-services. But I ...
0
votes
0
answers
89
views
Default /logout does not work if /login is customised spring security 5.7.11
Below is my security config:
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http){
http
.authorizeExchange(authorizeExchangeSpec ->
...
1
vote
0
answers
50
views
Spring Security: Only show login form when url parameter is present
I am using Spring Cloud Gateway (2023.0.0) and Spring Boot (3.2.3) with oauth2Login and formLogin.
Currently when the application is opened i am redirected to the login page. On the login page i can ...