Thursday, October 08, 2020

Azure SSO integration with Spring Boot + Spring Web + Spring Security Project

There are many SSO options available in the market that can be integrated with a Spring Boot web application along with the Spring Web and Spring Security modules.

Note:- We assume you have an Azure cloud account. You can get a 1-year free subscription for Azure. We also assume you have configured your site URL, the users who are going to log in, etc. in Azure. In return, Azure SSO will give you the following items:
TenantId:-
Application (client) ID:-
azure-sample-key:-

Please follow the steps given below.

Step 1:- Create an app using Spring Initializr
Browse to https://start.spring.io/.

Specify Maven project and Java, then enter the Group and Artifact names for your application.

Add dependencies such as Spring Web, Azure Active Directory, and Spring Security.

Finally, click the Generate button.

Import the created project into your IDE. I am using the STS IDE.

Add the following entries/dependencies to pom.xml

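<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-oauth2-client</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-oauth2-jose</artifactId>
</dependency>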

Add the following values to your application.yaml or application.properties

Specifies your tenant ID for the specific Active Directory, i.e. TenantId:

azure.activedirectory.tenant-id=

Specifies your App Registration’s Application ID i.e. Application (client) ID:

spring.security.oauth2.client.registration.azure.client-id=

Specifies your App Registration’s secret key i.e. azure-sample-key:

spring.security.oauth2.client.registration.azure.client-secret=

Specifies the list of Active Directory groups to use for authorization:

azure.activedirectory.user-group.allowed-groups=

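Make sure to have the following config class in your application so that requests are sent to Azure SSO for authentication and processing.

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;

@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true) // turns on @PreAuthorize / @PostAuthorize
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    // OIDC user service used to load the signed-in user
    @Autowired
    private OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
            .anyRequest().authenticated()   // every URL requires a signed-in user
            .and()
            .oauth2Login()                  // unauthenticated requests go to the Azure login
            .userInfoEndpoint()
            .oidcUserService(oidcUserService);
    }
}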
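The allowed-groups property and prePostEnabled = true above only take effect once a handler method carries an authorization rule. The controller below is an added example, not part of the original project: the class name, the URLs and the group name group1 are hypothetical, and it assumes the Azure AD starter exposes each group listed in azure.activedirectory.user-group.allowed-groups as a ROLE_<group name> authority.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.stream.Collectors;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

// Hypothetical controller; "group1" stands for a group name you listed in
// azure.activedirectory.user-group.allowed-groups.
@RestController
public class GroupProtectedController {

    // Open to any signed-in user. Returns the authorities the session
    // actually carries, so the assumed ROLE_<group> mapping can be checked
    // before relying on it in @PreAuthorize rules.
    @GetMapping("/me")
    public Map<String, Object> me(@AuthenticationPrincipal OidcUser user) {
        Map<String, Object> view = new LinkedHashMap<>();
        view.put("name", user.getName());
        view.put("authorities", user.getAuthorities().stream()
                .map(GrantedAuthority::getAuthority)
                .sorted()
                .collect(Collectors.toList()));
        return view;
    }

    // Evaluated only because prePostEnabled = true is set on the config class.
    // A signed-in user without the ROLE_group1 authority receives HTTP 403.
    @PreAuthorize("hasRole('ROLE_group1')")
    @GetMapping("/group1")
    public String group1Only() {
        return "Visible to members of group1 only";
    }
}
```

Without a rule like this, anyRequest().authenticated() lets every user in the tenant who can sign in reach every URL, regardless of group membership.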

Finally, use the commands below to run the application and verify it

mvn clean package
mvn spring-boot:run

Open your browser and go to the URL
http://localhost:8181

(Note:-I had configured my application on port 8181 instead of 8080)

The following screen will be displayed

Enter the user you created in Azure, whose ID ends with e.g. @azuresiddhusampledirectory.onmicrosoft.com, and enter the password.

If authentication succeeds, you will see the screen given below

Download:- You can download the example from the GitHub location given below.

https://github.com/shdhumale/siddhu-spring-security-azure-simple
