GR8EU 2019 - Micronaut Security

GR8EU 2019 - Micronaut Security

Presentation at GR8Conf EU 2019 about the security options offered by Micronaut.

30995fcc876f40073628b63ea5cfab59?s=128

Sergio del Amo

May 28, 2019
Tweet

Transcript

  1. objectcomputing.com © 2018, Object Computing, Inc. (OCI). All rights reserved.

    No part of these notes may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior, written permission of Object Computing, Inc. (OCI) MICRONAUT SECURITY SERGIO DEL AMO
  2. © 2018, Object Computing, Inc. (OCI). All rights reserved. ©

    2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 2 • MICRONAUT / GRAILS OCI TEAM • GUADALAJARA, SPAIN • CURATOR OF GROOVYCALAMARI.COM • PODCAST HOST OF PODCAST.GROOVYCALAMARI.COM • GREACH Conference organizer • @SDELAMO • HTTP://SERGIODELAMO.ES SERGIO DEL AMO
  3. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    3 CONTROLLER EXAMPLE @Controller(“/books") public class BookController { @Get public List<Book> index() { return Arrays.asList(new Book("1491950358", "Building Microservices"), new Book("1680502395", "Release It!"), new Book("0321601912", "Continuous Delivery")); } }
  4. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    4 INSTALLATION
  5. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    5 SECURITY INSTALLATION dependencies { ... .. . annotationProcessor "io.micronaut:micronaut-security" compile "io.micronaut:micronaut-security" } build.gradle src/main/resources/application.yml micronaut: security: enabled: true
  6. © 2018, Object Computing, Inc. (OCI). objectcomputing.com 6 SECURED BY

    DEFAULT
  7. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    7 Security Filter
  8. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    8 ANONYMOUS ACCESS
  9. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    9 @Secured IS_ANONYMOUS import io.micronaut.security.annotation.Secured; @Controller(“/books") public class BookController { @Secured(SecurityRule.IS_ANONYMOUS) @Get public List<Book> index() { return Arrays.asList(new Book("1491950358", "Building Microservices"), new Book("1680502395", "Release It!"), new Book("0321601912", "Continuous Delivery")); } }
  10. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    10 @Secured IS_ANONYMOUS import io.micronaut.security.annotation.Secured; @Secured(SecurityRule.IS_ANONYMOUS) @Controller(“/books") public class BookController { @Get public List<Book> index() { return Arrays.asList(new Book("1491950358", "Building Microservices"), new Book("1680502395", "Release It!"), new Book("0321601912", "Continuous Delivery")); } }
  11. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    11 JSR_250 annotations import javax.annotation.security.PermitAll; @Controller(“/books") public class BookController { @PermitAll @Get public List<Book> index() { return Arrays.asList(new Book("1491950358", "Building Microservices"), new Book("1680502395", "Release It!"), new Book("0321601912", "Continuous Delivery")); } }
  12. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    12 INTERCEPT URL MAP src/main/java/example/micronaut/BookController.java @Controller(“/books") public class BookController { @Get public List<Book> index() { return Arrays.asList(new Book("1491950358", "Building Microservices"), new Book("1680502395", "Release It!"), new Book("0321601912", "Continuous Delivery")); } } src/main/resources/application.yml micronaut: security: enabled: true intercept-url-map: - pattern: "/books" http-method: GET access: - isAnonymous()
  13. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    13 INTERCEPT URL MAP for STATIC RESOURCES src/main/resources/application.yml micronaut: router: static-resources: default: enabled: true mapping: /static/** paths: - classpath: public security: enabled: true intercept-url-map: - pattern: "/static/logo.png" http-method: GET access: - isAnonymous()
  14. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    14 BASIC AUTH
  15. © 2018, Object Computing, Inc. (OCI). objectcomputing.com 15 BASIC AUTH

  16. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    16 Basic Auth
  17. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    17 Basic Auth
  18. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    18 BASIC AUTH import javax.inject.Singleton @Singleton public class ExampleAuthenticationProvider implements AuthenticationProvider { @Override public Publisher<AuthenticationResponse> authenticate(AuthenticationRequest authenticationRequest) { if (authenticationRequest.getIdentity().equals("user") && authenticationRequest.getSecret().equals("password"))) { UserDetails u = new UserDetails(authenticationRequest.getIdentity(), Arrays.asList("ROLE_USER")); return Flowable.just(u); } return Flowable.just(new AuthenticationFailed()); } } $ curl - u name:password http://micronaut.example/books curl with basic auth
  19. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    19 DELEGATING AUTHENTICATION PROVIDER
  20. © 2018, Object Computing, Inc. (OCI). objectcomputing.com 20 DELEGATION AUTHENTICATION

    PROVIDER
  21. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    21 DELEGATING AUTHENTICATION PROVIDER import javax.inject.Singleton @CompileStatic @Singleton class UserFetcherService implements UserFetcher { protected final UserGormService userGormService UserFetcherService(UserGormService userGormService) { this.userGormService = userGormService } @Override Publisher<UserState> findByUsername(String username) { UserState user = userGormService.findByUsername(username) as UserState (user ? Flowable.just(user) : Flowable.empty()) as Publisher<UserState> } } implementation of UserFetcher
  22. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    22 DELEGATING AUTHENTICATION PROVIDER package example.micronaut.services import io.micronaut.security.authentication.providers.AuthoritiesFetcher import io.reactivex.Flowable import org.reactivestreams.Publisher import javax.inject.Singleton @Singleton class AuthoritiesFetcherService implements AuthoritiesFetcher { protected final UserRoleGormService userRoleGormService AuthoritiesFetcherService(UserRoleGormService userRoleGormService) { this.userRoleGormService = userRoleGormService } @Override Publisher<List<String>> findAuthoritiesByUsername(String username) { Flowable.just(userRoleGormService.findAllAuthoritiesByUsername(username)) } } implementation of AuthoritiesFetcher
  23. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    23 DELEGATING AUTHENTICATION PROVIDER import io.micronaut.security.authentication.providers.PasswordEncoder import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder import javax.inject.Singleton @Singleton class BCryptPasswordEncoderService implements PasswordEncoder { org.springframework.security.crypto.password.PasswordEncoder delegate = new BCryptPasswordEncoder() String encode(String rawPassword) { return delegate.encode(rawPassword) } @Override boolean matches(String rawPassword, String encodedPassword) { return delegate.matches(rawPassword, encodedPassword) } } implementation of PasswordEncoder dependencies { ... compile “org.springframework.security:spring-security-crypto:5.2.5.RELEASE” } build.gradle
  24. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    24 SESSION BASED AUTHENTICATION
  25. © 2018, Object Computing, Inc. (OCI). objectcomputing.com 25 Session Auth

  26. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    26 SESSION AUTH dependencies { ... .. . annotationProcessor "io.micronaut:micronaut-security" compile "io.micronaut:micronaut-security-session" } build.gradle src/main/resources/application.yml micronaut: security: enabled: true session: enabled: true
  27. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    27 SECURITY SESSION CLI INSTALLATION $ mn create-app my-app --features security-session MICRONAUT SECURITY SESSION
  28. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    28 ENDPOINTS
  29. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    29 LOGIN CONTROLLER src/main/resources/application.yml micronaut: security: enabled: true endpoints: login: enabled: true
  30. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    30 LOGOUT CONTROLLER src/main/resources/application.yml micronaut: security: enabled: true endpoints: logout: enabled: true
  31. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    31 AUTHENTICATION
  32. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    32 @Secured IS_AUTHENTICATED import io.micronaut.security.annotation.Secured; @Controller(“/books") public class BookController { @Secured(SecurityRule.IS_AUTHENTICATED) @Get public List<Book> index() { return Arrays.asList(new Book("1491950358", "Building Microservices"), new Book("1680502395", "Release It!"), new Book("0321601912", "Continuous Delivery")); } }
  33. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    33 @Secured IS_AUTHENTICATED import io.micronaut.security.annotation.Secured; @Secured(SecurityRule.IS_AUTHENTICATED) @Controller(“/books") public class BookController { @Get public List<Book> index() { return Arrays.asList(new Book("1491950358", "Building Microservices"), new Book("1680502395", "Release It!"), new Book("0321601912", "Continuous Delivery")); } }
  34. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    34 AUTHORIZATION
  35. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    35 AUTHORIZATION import io.micronaut.security.annotation.Secured; @Controller("/books") public class BookController { @Secured({"ROLE_ADMIN","ROLE_USER"}) @Get public List<Book> index() { return Arrays.asList(new Book("1491950358", "Building Microservices"), new Book("1680502395", "Release It!"), new Book("0321601912", "Continuous Delivery")); } }
  36. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    36 JSR_250 annotations import javax.annotation.security.RolesAllowed; @Controller("/books") public class BookController { @RolesAllowed({"ROLE_ADMIN","ROLE_USER"}) @Get public List<Book> index() { return Arrays.asList(new Book("1491950358", "Building Microservices"), new Book("1680502395", "Release It!"), new Book("0321601912", "Continuous Delivery")); } }
  37. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    37 RETRIEVE CURRENT USER
  38. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    38 Retrieve the Authenticated User import io.micronaut.security.annotation.Secured; import java.security.Principal; import javax.annotation.Nullable; @Controller(“/books") public class BookController { @Secured(SecurityRule.IS_ANONYMOUS) @Get public List<Book> index(@Nullable Principal principal) { if (principal != null && principal.getName().equals("Harry Potter”)) { return Arrays.asList(new Book("9781781102459", "Philosopher's Stone”)); } return Arrays.asList(new Book("1491950358", "Building Microservices"), new Book("1680502395", "Release It!"), new Book("0321601912", "Continuous Delivery")); } }
  39. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    39 Retrieve the Authenticated User import io.micronaut.security.annotation.Secured; import java.security.Principal; @Controller(“/books") public class BookController { @Secured(SecurityRule.IS_AUTHENTICATED) @Get public List<Book> index(Principal principal) { if (principal.getName().equals("Harry Potter”)) { return Arrays.asList(new Book("9781781102459", "Philosopher's Stone”)); } return Arrays.asList(new Book("1491950358", "Building Microservices"), new Book("1680502395", "Release It!"), new Book("0321601912", "Continuous Delivery")); } }
  40. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    40 Retrieve the Authenticated User import io.micronaut.security.annotation.Secured; import io.micronaut.security.authentication.Authentication; @Controller(“/books") public class BookController { @Secured(SecurityRule.IS_AUTHENTICATED) @Get public List<Book> index(Authentication authentication) { if (authentication.getName().equals("Harry Potter”)) { return Arrays.asList(new Book("9781781102459", "Philosopher's Stone”)); } return Arrays.asList(new Book("1491950358", "Building Microservices"), new Book("1680502395", "Release It!"), new Book("0321601912", "Continuous Delivery")); } }
  41. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    41 Retrieve the Authenticated User import io.micronaut.security.annotation.Secured; import io.micronaut.security.authentication.Authentication; @Controller("/books") public class BookController { private final SecurityService securityService; public BookController(SecurityService securityService) { this.securityService = securityService; } @Secured(SecurityRule.IS_AUTHENTICATED) @Get public List<Book> index() { if (securityService.getAuthentication().getName().equals(“Harry Potter”)) { return Arrays.asList(new Book("9781781102459", "Philosopher's Stone”)); } return Arrays.asList(new Book("1491950358", "Building Microservices"), new Book("1680502395", "Release It!"), new Book("0321601912", "Continuous Delivery")); } }
  42. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    42 LDAP
  43. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    43 LDAP src/main/resources/application.yml micronaut: .. . security: ... .. ldap: default: enabled: true context: server: 'ldap://ldap.forumsys.com:389' managerDn: 'cn=read-only-admin,dc=example,dc=com' managerPassword: 'password' search: base: "dc=example,dc=com" groups: enabled: true base: "dc=example,dc=com" build.gradle dependencies { ... .. . annotationProcessor "io.micronaut:micronaut-security" compile "io.micronaut:micronaut-security" compile "io.micronaut.configuration:micronaut-security-ldap" } LDAP authentication in Micronaut supports configuration of one or more LDAP servers to autehtnicate with. Each server has it’s own settings and can be enabled or disabled
  44. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    44 JWT
  45. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    45 SECURITY JWT INSTALLATION dependencies { ... .. . annotationProcessor "io.micronaut:micronaut-security" compile "io.micronaut:micronaut-security-jwt" } build.gradle src/main/resources/application.yml micronaut: security: enabled: true token: jwt: enabled: true
  46. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    46 SECURITY JWT CLI INSTALLATION $ mn create-app my-app --features security-jwt MICRONAUT SECURITY JWT
  47. © 2018, Object Computing, Inc. (OCI). objectcomputing.com 47 Bearer Token

  48. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    48 Security Filter
  49. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    49 LOGIN CONTROLLER JWT Bearer authentication
  50. © 2018, Object Computing, Inc. (OCI). objectcomputing.com 50 COOKIE JWT

  51. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    51 Security Filter
  52. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    52 LOGIN CONTROLLER JWT Bearer authentication
  53. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    53 JWT Signature Generation and Validation To enable a JWT signature in token generation, you need to have in your app a bean of type RSASignatureGeneratorConfiguration, ECSignatureGeneratorConfiguration, SecretSignatureConfiguration qualified with name generator. To verify signed JWT tokens, you need to have in your app a bean of type RSASignatureConfiguration, RSASignatureGeneratorConfiguration, ECSignatureGeneratorConfiguration, ECSignatureConfiguration, or SecretSignatureConfiguration.
  54. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    54 JWT Configuration src/main/resources/application.yml micronaut: security: enabled: true token: jwt: enabled: true signatures: secret: generator: secret: pleaseChangeThisSecretForANewOne jws-algorithm: HS256
  55. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    55 Claims Validation Bean Description ExpirationJwtClaimsValidator Validate JWT is not expired. SubjectNotNullJwtClaimsValidator Validate JWT subject claim is not null. io.micronaut.security.token.jwt.validator.GenericJwtClaimsValidator Provide your own!
  56. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    56 RFRESH CONTROLLER src/main/resources/application.yml micronaut: security: enabled: true endpoints: oauth: enabled: true
  57. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    57 JSON Web Key JWK A JSON Object that represents a cryptographic key. The members of the object represent properties of the key, including its value. { "kty":"EC", "crv":"P-256", "kid":"test-personal-node", "x":"kdoE0JmUQra00UWJXHBwVvQetJ_L7vXt8nuXkaftKjo", "y":"PV7FUShMZ8Jg_kc2vjxgfwswEy26w_vWvVCHAGQ9tEQ" }
  58. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    58 JWK Set A JSON object that represents a set of JWKs. The JSON object MUST have a "keys" member, which is an array of JWKs. { "keys": [ { "kty":"EC", "crv":"P-256", "kid":"123", "x":"kdoE0JmUQra00UWJXHBwVvQetJ_L7vXt8nuXkaftKjo", "y":"PV7FUShMZ8Jg_kc2vjxgfwswEy26w_vWvVCHAGQ9tEQ" } ] }
  59. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    src/main/resources/application.yml micronaut: security: enabled: true endpoints: keys: enabled: true import com.nimbusds.jose.jwk.JWK; import io.micronaut.security.token.jwt.endpoints.JwkProvider; import javax.inject.Singleton; import java.text.ParseException; @Singleton class ExampleJwkProvider implements JwkProvider { @Override List<JWK> retrieveJsonWebKeys() { try { return [JWK.parse(''' { "kty":"EC", "crv":"P-256", "kid":"123", “x": "kdoE0JmUQra00UWJXHBwVvQetJ_L7vXt8nuXkaftKjo", "y":"PV7FUShMZ8Jg_kc2vjxgfwswEy26w_vWvVCHAGQ9tEQ" }''')] } catch (ParseException e) { return [] as List<JWK> } } } 59 KEYS CONTROLLER - Expose a JWK Set
  60. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    60 KEYS CONTROLLER $ curl localhost:8080/keys {"keys":[{"kty":"EC","crv":"P-256","kid":"test-personal- node","x":"kdoE0JmUQra00UWJXHBwVvQetJ_L7vXt8nuXkaftKjo","y":"PV7FUShMZ8Jg_kc2vjx gfwswEy26w_vWvVCHAGQ9tEQ"}]}
  61. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    61 REMOTE JWKS VALIDATION src/main/resources/application.yml micronaut: security: enabled: true token: jwt: enabled: true signatures: jwks: securityservice: url: "http://localhost:8081/keys"
  62. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    62 SECURITY EVENTS
  63. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    63 Security Events Event Name Description LoginFailedEvent Trigger when an unsuccessful login takes place. LoginSuccessfulEvent Trigger when a successful login takes place. LogoutEvent Triggered when the user logs out. TokenValidatedEvent Trigger when a token is validated. AccessTokenGeneratedEvent Trigger when a JWT access token is generated. RefreshTokenGeneratedEvent Trigger when a JWT refresh token is generated. @Singleton class LogoutFailedEventListener implements ApplicationEventListener<LogoutEvent> { @Override void onApplicationEvent(LogoutEvent event) { println "received logout event" } }
  64. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    64 TOKEN PROPAGATION
  65. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    src/main/resources/application.yml micronaut: security: enabled: true token: jwt: enabled: true writer: header: enabled: true propagation: enabled: true service-id-regex: "recommendations|catalogue|inventory" 65 Token Propagation
  66. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    66 MICRONAUT OAUTH 2 https://micronaut-projects.github.io/micronaut-security/ snapshot/guide/#oauth
  67. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    67 OAUTH 2 build.gradle dependencies { ... .. . annotationProcessor "io.micronaut:micronaut-security" compile "io.micronaut:micronaut-security" compile “io.micronaut.configuration:micronaut-oauth2:1.0.0.BUILD-SNAPSHOT" }
  68. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    68 authorization code flow - OpenID Connect
  69. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End- User based on the authentication performed by an Authorization Server , as well as to obtain basic profile information about the End-User in a interoperable and REST-like manner. 69
  70. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    70
  71. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    71 OAUTH 2
  72. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    72 Open ID Connect Configuration src/main/resources/application.yml micronaut: security: enabled: true oauth2: enabled: true clients: cognito: client-secret: '${OAUTH_CLIENT_SECRET}' client-id: '${OAUTH_CLIENT_ID}' openid: issuer: 'https://cognito-idp.${AWS_REGION}.amazonaws.com/${COGNITO_POOL_ID}'
  73. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    73 authorization code flow - Oauth 2.0
  74. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    74
  75. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    75 Oauth Configuration src/main/resources/application.yml micronaut: security: enabled: true oauth2: enabled: true clients: github: client-id: <<my client id>> client-secret: <<my client secret>> scopes: - user:email - read:user authorization: url: https://github.com/login/oauth/authorize token: url: https://github.com/login/oauth/access_token auth-method: client-secret-post
  76. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    76 Grant type password
  77. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    77
  78. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    78
  79. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    79 Oauth Configuration src/main/resources/application.yml micronaut: security: … oauth2: … clients: github: grant-type: password
  80. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    80 Logout
  81. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    81
  82. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    82 Oauth Configuration src/main/resources/application.yml micronaut: security: … endpoints: logout: enabled: true get-allowed: true
  83. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    83 SAMPLES
  84. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    84 Micronaut Guides Guides Micronaut Basic Auth Session based Authentication Micronaut JWT Authentication Micronaut JWT Authentication with Cookies LDAP and Database authentication Providers Micronaut Token Propagation Secure a Micronaut app with Okta https://guides.micronaut.io/tags/security.html
  85. © 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com

    85 Questions?
  86. CONNECT WITH US 1+ (314) 579-0066 @objectcomputing objectcomputing.com © 2018,

    Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 86