Stack Overflow
Stack Overflow

Questions tagged [micronaut-security]

22 questions
2
votes
1 answer

Micronaut Application, with security configured, returns Http 403 for js and css files

I am trying out Micronaut application (version 3.8.9). The application, in addition to few Rest APIs, would have HTML, Javascript and CSS for front end and also authentication and authorization. App works fine, but js and css files are forbidden.…
Lucas
  • 43
  • 5
2
votes
0 answers

Micronaut openid authentication and refresh tokens

I'm implementing an API gateway using micronaut. One of the gateway's responsibility it to handle user authentication. I want to use external IdP to authenticate users and then propagate JWT token to downstream services. I don't want micronaut to…
lutato
  • 21
  • 1
  • 2
2
votes
0 answers

convert comma separate string to list in yaml

I am using spring security and micronaut security in different projects to secure my APIs. The configuration is in YAML files as below. application.yml my-app: simple-role: user-role-id admin-role: manager-role-id security: …
Akshay
  • 3,558
  • 4
  • 43
  • 77
2
votes
1 answer

Adding Token header in micronaut client request

In micronaut, I have a use case where i need to add the oauth2 access token as a custom header (not Header Name='Authorization) to every request. Currently, i am fetching token and adding Authorization header to every request as specified by…
Swapnil Dhimmar
  • 21
  • 3
2
votes
3 answers

How do I load a "user" in a micronaut backend when JWT is provided

I have a Micronaut microservice that handles authentication via JsonWebTokens (JWT) from this guide. Now I'd like to extend this code. The users in my app have some extra attributes such as email, adress, teamId etc. I have all users in the…
Robert
  • 1,579
  • 1
  • 21
  • 36
1
vote
1 answer

Does Micronaut have a built-in login form like spring boot does?

Does Micronaut have an equivalent to the spring "formLogin" feature? When creating a spring boot application, we can add a method (bean) to a @Configuration annotated class like @Bean public SecurityFilterChain sfc(HttpSecurity s) { return…
Dave Ankin
  • 1,060
  • 2
  • 9
  • 20
1
vote
0 answers

AccessRefreshToken not serialized while using Micronaut Serialization

I have a Java-library which uses below dependencies dependencies { annotationProcessor "io.micronaut:micronaut-inject-java:3.5.3" annotationProcessor "io.micronaut:micronaut-validation:3.5.3" …
San Jaisy
  • 15,327
  • 34
  • 171
  • 290
1
vote
1 answer

How to add unauthorized WWW-Authenticate field to response header using Micronaut Security?

Using Micronaut Security, I would like the application to respond to a unauthorized request with a WWW-Authenticate header field for basic authentication, like this: WWW-Authenticate: Basic realm="User Visible Realm" Is it possible to do this…
Michel Nagme
  • 257
  • 1
  • 4
  • 10
1
vote
2 answers

Authentication is null Micronaut 3

I have a Micronaut 3 application, while using the JWT token the Authentication attribute on check method is null, however, I need to get all the roles from the JWT. As per latest change from Micronaut SecurityRule Changes The SecurityRule API has…
San Jaisy
  • 15,327
  • 34
  • 171
  • 290
1
vote
1 answer

How can i modify the order of Micronaut Http Filter so it get executed after Micronaut Security

I have a checkForBankId annotation @Target(value = { ElementType.METHOD, ElementType.TYPE, ElementType.ANNOTATION_TYPE }) @Retention(value=RetentionPolicy.RUNTIME) public @interface checkForBankId { boolean ignore() default false; } And i have…
Shïvà Tömàr
  • 66
  • 6
1
vote
0 answers

Secure micronaut rest api with social login such as Google and Facebook login

Given that I have mobile app which integrated with Google and Facebook login, how do I use Google and Facebook authentication in the Micronaut REST API? In the future, the mobile app will allow user to register (create new account) besides social…
limcheekin
  • 144
  • 1
  • 12
0
votes
1 answer

How to force client-credentials flow in micronaut-security to request a new access token when the resource client returns a Unauthorised response

I have a micro service that is using micronaut-security's oauth2 cliient-credentials flow to obtain an access token and propagate the same to a resourceClient in the header. I want to know if there is a way to get a new access token in the…
priya sekar
  • 3
  • 1
  • 3
0
votes
0 answers

How to retrieved the HttpRequest body in Micronaut upon AuthenticationException

In my Micronaut project, we are auditing the request payload that we received upon calling the API endpoints. However, upon invalid credentials on a secured endpoint, using the ExceptionHandler or @Error annotation, the HttpRequest only able to read…
Miguel Jr. Bermundo
  • 71
  • 5
0
votes
0 answers

Micronaut: make @RolesAllowed working without validation of tokens

The API Gateway handles the token validation and then routes it to the appropriate service. similar situation is described here. I want to use a javax.annotation.security.RolesAllowed annotation (Secured or similar) to protect easily endpoints with…
Kaes
  • 3
  • 2
0
votes
0 answers

Ldap Configuration Additional Properties with Micronaut

I need to configure LDAP with my Micronaut app, but I to need add the property java.naming.referral=follow to JNDI configuration, so I tried this: security: enabled: true ldap: default: enabled: true context: …
Ronaldo Lanhellas
  • 2,975
  • 5
  • 46
  • 92
1
2