• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Springboot Security - How to authorize only few requests which has specific Header value

 
Ranch Hand
Posts: 157
2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
As part of my Springboot micro services project which is running behind Springboot Gateway.

I have different auth servers like our own Auth Server as well as using Google's and Facebook's Open Id authentication.

Once the user application acquired the token, its being passed as bearer token. And one header to denote which Auth Server's token it is .. like sso=oursso, sso=google, or sso=facebook etc.,

Now at Gateway, I need to authenticate the token based on sso header value.. if its google , invoke google token validation api, if its facebook invoke facebook's token validation api or if its oursso then our own authserver's token validation api..

How can I achieve it..

1. Can I do it  using Springboot Security
2. Should I write simple web filter and read the header value and invoke the validate token service ..
 
If you settle for what they are giving you, you deserve what you get. Fight for this tiny ad!
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic