Skip to content
This repository was archived by the owner on Jun 16, 2025. It is now read-only.

https readme update #18

Merged
idg-sam merged 2 commits into from
Jan 26, 2021
Merged

https readme update #18

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
fde3b46
https readme update
idg-sam Jan 25, 2021
b0cb081
disclaimer for http
idg-sam Jan 26, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 18 additions & 12 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -153,21 +153,27 @@ Open `application.properties` in the msal-web-sample/src/main/resources folder.
- Replace *Enter_the_Client_Secret_Here* with the **key value** noted earlier.
- Replace *OboApi* with the API exposed in the `Web Api app` **(api://{clientId})**.

If you want to use https with localhost, you must have a certificate.
Use the `keytool` utility (included in JRE) if you want to generate self-signed certificate.
#### HTTPS on localhost

```Bash
keytool -genkeypair -alias testCert -keyalg RSA -storetype PKCS12 -keystore keystore.p12 -storepass password
```
If you are only testing locally, you may skip this step. If you deploy your app to Azure App Service (for production or for testing), https is handled by Azure and you may skip this step. Note that https is essential for providing critical security and data integrity to your applications, and http should not be used outside of testing scenarios. If you need to configure your application to handle https, complete the instructions in this section.

You may then put the following key-value pairs into your `application.properties` file.
1. Use the `keytool` utility (included in JRE) if you want to generate self-signed certificate.

```ini
server.ssl.key-store-type=PKCS12
server.ssl.key-store=classpath:keystore.p12
server.ssl.key-store-password=password
server.ssl.key-alias=testCert
```
```Bash
keytool -genkeypair -alias testCert -keyalg RSA -storetype PKCS12 -keystore keystore.p12 -storepass password
```

2. Put the following key-value pairs into your [application.properties](msal-web-sample/src/main/resources/application.properties) file.

```ini
server.ssl.key-store-type=PKCS12
server.ssl.key-store=classpath:keystore.p12
server.ssl.key-store-password=password
server.ssl.key-alias=testCert
```

3. Change both occurrences of `8080` to `8443` in the msal-web-sample's [application.properties](msal-web-sample/src/main/resources/application.properties) file.
4. Update your java_webapp Azure AD application registration redirects (e.g., `https://localhost:8443/msal4jsample/secure/aad` and `https://localhost:8443/msal4jsample/graph/me`) on the [Azure Portal](https://portal.azure.com).

#### Configure known client applications for service (Java-webapi)

Expand Down
3 changes: 3 additions & 0 deletions msal-web-sample/src/main/resources/application.properties
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,11 @@
aad.authority=https://login.microsoftonline.com/common/
aad.clientId=Enter_the_Application_Id_Here
aad.secretKey=Enter_the_Client_Secret_Here

# change the port to 8443 if running HTTPS on localhost
aad.redirectUri=http://localhost:8080/msal4jsample/secure/aad
aad.oboApi=api://Enter_the_Obo_Api_Application_Id_Here/access_as_user
aad.webapp.defaultScope=api://Enter_the_Obo_Api_Application_Id_Here/.default

# change the port to 8443 if running HTTPS on localhost
server.port=8080