Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to add authentication? #5

Open
manjunathgudisi opened this issue Sep 4, 2020 · 7 comments
Open

How to add authentication? #5

manjunathgudisi opened this issue Sep 4, 2020 · 7 comments

Comments

@manjunathgudisi
Copy link

Hi-
I have deployed this app on my SCP account successfully. Now, I would need to protect the app and add authentication while consuming the APIs. I was following this tutorial - https://developers.sap.com/tutorials/s4sdk-secure-cloudfoundry.html but unable to proceed from Step3 as we dont have application/src/main/webapp/WEB-INF/web.xml in this project. Could you please me how to protect the APIs by adding XSUAA.
Thanks, Manju
@indusankar89
Copy link
Contributor

Hi Manju,
You can follow the steps in the tutorial https://developers.sap.com/tutorials/s4sdk-secure-cloudfoundry.html for all steps except step 3. instead of step 3, can you try to add

<dependency>
	<groupId>com.sap.cloud.security.xsuaa</groupId>
	<artifactId>xsuaa-spring-boot-starter</artifactId>
	<version>2.3.2</version>
</dependency>

and add the file: https://github.com/SAP-samples/cloud-espm-cloud-native/blob/master/product-service/src/main/java/com/sap/refapps/espm/config/AppSecurityConfig.java
to the objectStore projects config folder - https://github.com/SAP-samples/cloud-objectstore-java-sample/tree/master/src/main/java/com/sap/refapps/objectstore/config

@manjunathgudisi
Copy link
Author

Thank you @indusankar89 I will follow the steps and let you know the status. Thank you for your help.

@sathisha-bettegowda
Copy link

Gettting this error while building the app after following the steps...
[47,39] cannot find symbol
[ERROR] symbol: method oauth2ResourceServer()
[ERROR] location: class org.springframework.security.config.annotation.web.builders.HttpSecurity

@indusankar89
Copy link
Contributor

Hi @sathisha-bettegowda when did you get the above error? during build/deploy?
I tried to build and deploy by adding the mentioned dependency and file and it was successful..

@sathisha-bettegowda
Copy link

thanks @indusankar89
modifying this helped

<parent>
	<groupId>org.springframework.boot</groupId>
	<artifactId>spring-boot-starter-parent</artifactId>
	<version>2.2.4.RELEASE</version>
	<relativePath /> <!-- lookup parent from repository -->
</parent>

@sathisha-bettegowda
Copy link

sathisha-bettegowda commented Sep 9, 2020
edited

@indusankar89
After deploying the app router, we are getting unauthorized error, when we are trying to post anything to object,
Below are the sample of GET and POST request.
Could you please help us to understand what we are missing here,
image

image

Also in the xs-seurity.json, scope is limited to viewing.
"scopes": [
{
"name": "$XSAPPNAME.Display",
"description": "display"
}
],
"role-templates": [
{
"name": "Viewer",
"description": "Required to view things in our solution",
"scope-references" : [
"$XSAPPNAME.Display"
]
}
does this affect uploading/deleting files from object store?

@manjunathgudisi
Copy link
Author

Hi @indusankar89
Could please help us above.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@manjunathgudisi @sathisha-bettegowda @indusankar89