Hi, I'm not sure where to put this, so here I am.
I'm developing a rather big micro service cloud application with dozen of services, two of whom have a vaadin frontend.
They are obviously behind a reverse proxy (nginx) which handles the authentication (forwards to an IDP).
In the documentation (https://vaadin.com/docs/latest/security/enabling-security) it states the requirement for a login view and a log out capability. I have the latter, but no vaadin log in view.
On the other hand I just wan't to configure the jwt security with spring using a ressource-server to check the provided bearer token.
Could you please provide a tutorial, how this is supposed to be configured?
I currently have this configuration, but am not sure, if this is correct.
@Override
protected void configure(final HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers(ACTUATOR_HEALTH_ENDPOINT).permitAll();
http.authorizeRequests().antMatchers(ACTUATOR_PROMETHEUS_ENDPOINT).permitAll();
super.configure(http);
http.cors()
.and()
.oauth2ResourceServer()
.jwt();
}
Hi, I'm not sure where to put this, so here I am.
I'm developing a rather big micro service cloud application with dozen of services, two of whom have a vaadin frontend.
They are obviously behind a reverse proxy (nginx) which handles the authentication (forwards to an IDP).
In the documentation (https://vaadin.com/docs/latest/security/enabling-security) it states the requirement for a login view and a log out capability. I have the latter, but no vaadin log in view.
On the other hand I just wan't to configure the jwt security with spring using a ressource-server to check the provided bearer token.
Could you please provide a tutorial, how this is supposed to be configured?
I currently have this configuration, but am not sure, if this is correct.