You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We need to get rid of Authenticator component and to switch to something generic like Spring Security.
There is a need to support the following authentication methods:
Local user (Local database). It will require user management (CRUD operations) through the UI.
OpenID Connect
SAML2
Google IAP
The text was updated successfully, but these errors were encountered:
As of spring-security 6.x, all the mentioned components are supported out of the box :
OpenID Connect - included in spring-security-oauth2-client / spring-security-oauth2-resource-server
SAML2 - Here are some examples https://github.com/spring-projects/spring-security-samples/blob/main/servlet/spring-boot/java/saml2/custom-urls/README.adoc
The implementation looks quite advanced at a glance and supports proper logout.
IAP via spring-cloud-gcp-security-iap.
The latter is somewhat "nominal" implementation that needs some extra effort to be adapted to our case and so far I didn't spot any evidence it supports proper logout, but since IAP authentication is outside of the normal Authenticator API scope anyway, we are not taking a loss here.
Therefore, the target state is to use spring-security with standard extensions.
We need to get rid of Authenticator component and to switch to something generic like Spring Security.
There is a need to support the following authentication methods:
The text was updated successfully, but these errors were encountered: