Presentation at GR8Conf EU 2019 about the security options offered by Micronaut.
objectcomputing.com© 2018, Object Computing, Inc. (OCI). All rights reserved. No part of these notes may be reproduced, stored in a retrieval system, ortransmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior, writtenpermission of Object Computing, Inc. (OCI)MICRONAUT SECURITYSERGIO DEL AMO
View Slide
© 2018, Object Computing, Inc. (OCI). All rights reserved.© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 2• MICRONAUT / GRAILS OCI TEAM• GUADALAJARA, SPAIN• CURATOR OF GROOVYCALAMARI.COM• PODCAST HOST OF PODCAST.GROOVYCALAMARI.COM• GREACH Conference organizer• @SDELAMO• HTTP://SERGIODELAMO.ESSERGIO DEL AMO
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 3CONTROLLER EXAMPLE@Controller(“/books")public class BookController {@Getpublic List index() {return Arrays.asList(new Book("1491950358", "Building Microservices"),new Book("1680502395", "Release It!"),new Book("0321601912", "Continuous Delivery"));}}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 4INSTALLATION
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 5SECURITY INSTALLATIONdependencies {......annotationProcessor "io.micronaut:micronaut-security"compile "io.micronaut:micronaut-security"}build.gradlesrc/main/resources/application.ymlmicronaut:security:enabled: true
© 2018, Object Computing, Inc. (OCI). objectcomputing.com 6SECURED BY DEFAULT
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 7Security Filter
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 8ANONYMOUS ACCESS
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 9@Secured IS_ANONYMOUSimport io.micronaut.security.annotation.Secured;@Controller(“/books")public class BookController {@Secured(SecurityRule.IS_ANONYMOUS)@Getpublic List index() {return Arrays.asList(new Book("1491950358", "Building Microservices"),new Book("1680502395", "Release It!"),new Book("0321601912", "Continuous Delivery"));}}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 10@Secured IS_ANONYMOUSimport io.micronaut.security.annotation.Secured;@Secured(SecurityRule.IS_ANONYMOUS)@Controller(“/books")public class BookController {@Getpublic List index() {return Arrays.asList(new Book("1491950358", "Building Microservices"),new Book("1680502395", "Release It!"),new Book("0321601912", "Continuous Delivery"));}}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 11JSR_250 annotationsimport javax.annotation.security.PermitAll;@Controller(“/books")public class BookController {@PermitAll@Getpublic List index() {return Arrays.asList(new Book("1491950358", "Building Microservices"),new Book("1680502395", "Release It!"),new Book("0321601912", "Continuous Delivery"));}}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 12INTERCEPT URL MAPsrc/main/java/example/micronaut/BookController.java@Controller(“/books")public class BookController {@Getpublic List index() {return Arrays.asList(new Book("1491950358", "Building Microservices"),new Book("1680502395", "Release It!"),new Book("0321601912", "Continuous Delivery"));}}src/main/resources/application.ymlmicronaut:security:enabled: trueintercept-url-map:-pattern: "/books"http-method: GETaccess:- isAnonymous()
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 13INTERCEPT URL MAP for STATIC RESOURCESsrc/main/resources/application.ymlmicronaut:router:static-resources:default:enabled: truemapping: /static/**paths:- classpath: publicsecurity:enabled: trueintercept-url-map:-pattern: "/static/logo.png"http-method: GETaccess:- isAnonymous()
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 14BASIC AUTH
© 2018, Object Computing, Inc. (OCI). objectcomputing.com 15BASIC AUTH
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 16Basic Auth
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 17Basic Auth
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 18BASIC AUTHimport javax.inject.Singleton@Singletonpublic class ExampleAuthenticationProvider implements AuthenticationProvider {@Overridepublic Publisher authenticate(AuthenticationRequest authenticationRequest) {if (authenticationRequest.getIdentity().equals("user") &&authenticationRequest.getSecret().equals("password"))) {UserDetails u = new UserDetails(authenticationRequest.getIdentity(),Arrays.asList("ROLE_USER"));return Flowable.just(u);}return Flowable.just(new AuthenticationFailed());}}$ curl - u name:password http://micronaut.example/bookscurl with basic auth
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 19DELEGATING AUTHENTICATION PROVIDER
© 2018, Object Computing, Inc. (OCI). objectcomputing.com 20DELEGATION AUTHENTICATION PROVIDER
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 21DELEGATING AUTHENTICATION PROVIDERimport javax.inject.Singleton@CompileStatic@Singletonclass UserFetcherService implements UserFetcher {protected final UserGormService userGormServiceUserFetcherService(UserGormService userGormService) {this.userGormService = userGormService}@OverridePublisher findByUsername(String username) {UserState user = userGormService.findByUsername(username) as UserState(user ? Flowable.just(user) : Flowable.empty()) as Publisher}}implementation of UserFetcher
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 22DELEGATING AUTHENTICATION PROVIDERpackage example.micronaut.servicesimport io.micronaut.security.authentication.providers.AuthoritiesFetcherimport io.reactivex.Flowableimport org.reactivestreams.Publisherimport javax.inject.Singleton@Singletonclass AuthoritiesFetcherService implements AuthoritiesFetcher {protected final UserRoleGormService userRoleGormServiceAuthoritiesFetcherService(UserRoleGormService userRoleGormService) {this.userRoleGormService = userRoleGormService}@OverridePublisher> findAuthoritiesByUsername(String username) {Flowable.just(userRoleGormService.findAllAuthoritiesByUsername(username))}}implementation of AuthoritiesFetcher
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 23DELEGATING AUTHENTICATION PROVIDERimport io.micronaut.security.authentication.providers.PasswordEncoderimport org.springframework.security.crypto.bcrypt.BCryptPasswordEncoderimport javax.inject.Singleton@Singletonclass BCryptPasswordEncoderService implements PasswordEncoder {org.springframework.security.crypto.password.PasswordEncoder delegate = new BCryptPasswordEncoder()String encode(String rawPassword) {return delegate.encode(rawPassword)}@Overrideboolean matches(String rawPassword, String encodedPassword) {return delegate.matches(rawPassword, encodedPassword)}}implementation of PasswordEncoderdependencies {...compile “org.springframework.security:spring-security-crypto:5.2.5.RELEASE”}build.gradle
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 24SESSION BASED AUTHENTICATION
© 2018, Object Computing, Inc. (OCI). objectcomputing.com 25Session Auth
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 26SESSION AUTHdependencies {......annotationProcessor "io.micronaut:micronaut-security"compile "io.micronaut:micronaut-security-session"}build.gradlesrc/main/resources/application.ymlmicronaut:security:enabled: truesession:enabled: true
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 27SECURITY SESSION CLI INSTALLATION$ mn create-app my-app --features security-sessionMICRONAUT SECURITY SESSION
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 28ENDPOINTS
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 29LOGIN CONTROLLERsrc/main/resources/application.ymlmicronaut:security:enabled: trueendpoints:login:enabled: true
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 30LOGOUT CONTROLLERsrc/main/resources/application.ymlmicronaut:security:enabled: trueendpoints:logout:enabled: true
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 31AUTHENTICATION
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 32@Secured IS_AUTHENTICATEDimport io.micronaut.security.annotation.Secured;@Controller(“/books")public class BookController {@Secured(SecurityRule.IS_AUTHENTICATED)@Getpublic List index() {return Arrays.asList(new Book("1491950358", "Building Microservices"),new Book("1680502395", "Release It!"),new Book("0321601912", "Continuous Delivery"));}}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 33@Secured IS_AUTHENTICATEDimport io.micronaut.security.annotation.Secured;@Secured(SecurityRule.IS_AUTHENTICATED)@Controller(“/books")public class BookController {@Getpublic List index() {return Arrays.asList(new Book("1491950358", "Building Microservices"),new Book("1680502395", "Release It!"),new Book("0321601912", "Continuous Delivery"));}}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 34AUTHORIZATION
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 35AUTHORIZATIONimport io.micronaut.security.annotation.Secured;@Controller("/books")public class BookController {@Secured({"ROLE_ADMIN","ROLE_USER"})@Getpublic List index() {return Arrays.asList(new Book("1491950358", "Building Microservices"),new Book("1680502395", "Release It!"),new Book("0321601912", "Continuous Delivery"));}}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 36JSR_250 annotationsimport javax.annotation.security.RolesAllowed;@Controller("/books")public class BookController {@RolesAllowed({"ROLE_ADMIN","ROLE_USER"})@Getpublic List index() {return Arrays.asList(new Book("1491950358", "Building Microservices"),new Book("1680502395", "Release It!"),new Book("0321601912", "Continuous Delivery"));}}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 37RETRIEVE CURRENT USER
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 38Retrieve the Authenticated Userimport io.micronaut.security.annotation.Secured;import java.security.Principal;import javax.annotation.Nullable;@Controller(“/books")public class BookController {@Secured(SecurityRule.IS_ANONYMOUS)@Getpublic List index(@Nullable Principal principal) {if (principal != null && principal.getName().equals("Harry Potter”)) {return Arrays.asList(new Book("9781781102459", "Philosopher's Stone”));}return Arrays.asList(new Book("1491950358", "Building Microservices"),new Book("1680502395", "Release It!"),new Book("0321601912", "Continuous Delivery"));}}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 39Retrieve the Authenticated Userimport io.micronaut.security.annotation.Secured;import java.security.Principal;@Controller(“/books")public class BookController {@Secured(SecurityRule.IS_AUTHENTICATED)@Getpublic List index(Principal principal) {if (principal.getName().equals("Harry Potter”)) {return Arrays.asList(new Book("9781781102459", "Philosopher's Stone”));}return Arrays.asList(new Book("1491950358", "Building Microservices"),new Book("1680502395", "Release It!"),new Book("0321601912", "Continuous Delivery"));}}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 40Retrieve the Authenticated Userimport io.micronaut.security.annotation.Secured;import io.micronaut.security.authentication.Authentication;@Controller(“/books")public class BookController {@Secured(SecurityRule.IS_AUTHENTICATED)@Getpublic List index(Authentication authentication) {if (authentication.getName().equals("Harry Potter”)) {return Arrays.asList(new Book("9781781102459", "Philosopher's Stone”));}return Arrays.asList(new Book("1491950358", "Building Microservices"),new Book("1680502395", "Release It!"),new Book("0321601912", "Continuous Delivery"));}}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 41Retrieve the Authenticated Userimport io.micronaut.security.annotation.Secured;import io.micronaut.security.authentication.Authentication;@Controller("/books")public class BookController {private final SecurityService securityService;public BookController(SecurityService securityService) {this.securityService = securityService;}@Secured(SecurityRule.IS_AUTHENTICATED)@Getpublic List index() {if (securityService.getAuthentication().getName().equals(“Harry Potter”)) {return Arrays.asList(new Book("9781781102459", "Philosopher's Stone”));}return Arrays.asList(new Book("1491950358", "Building Microservices"),new Book("1680502395", "Release It!"),new Book("0321601912", "Continuous Delivery"));}}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 42LDAP
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 43LDAPsrc/main/resources/application.ymlmicronaut:...security:.....ldap:default:enabled: truecontext:server: 'ldap://ldap.forumsys.com:389'managerDn: 'cn=read-only-admin,dc=example,dc=com'managerPassword: 'password'search:base: "dc=example,dc=com"groups:enabled: truebase: "dc=example,dc=com"build.gradledependencies {......annotationProcessor "io.micronaut:micronaut-security"compile "io.micronaut:micronaut-security"compile "io.micronaut.configuration:micronaut-security-ldap"}LDAP authentication in Micronaut supportsconfiguration of one or more LDAP servers toautehtnicate with.Each server has it’s own settings and can beenabled or disabled
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 44JWT
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 45SECURITY JWT INSTALLATIONdependencies {......annotationProcessor "io.micronaut:micronaut-security"compile "io.micronaut:micronaut-security-jwt"}build.gradlesrc/main/resources/application.ymlmicronaut:security:enabled: truetoken:jwt:enabled: true
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 46SECURITY JWT CLI INSTALLATION$ mn create-app my-app --features security-jwtMICRONAUT SECURITY JWT
© 2018, Object Computing, Inc. (OCI). objectcomputing.com 47Bearer Token
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 48Security Filter
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 49LOGIN CONTROLLER JWT Bearer authentication
© 2018, Object Computing, Inc. (OCI). objectcomputing.com 50COOKIE JWT
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 51Security Filter
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 52LOGIN CONTROLLER JWT Bearer authentication
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 53JWT Signature Generation and ValidationTo enable a JWT signature in token generation, you need to have in your app a bean of typeRSASignatureGeneratorConfiguration, ECSignatureGeneratorConfiguration, SecretSignatureConfiguration qualifiedwith name generator.To verify signed JWT tokens, you need to have in your app a bean of type RSASignatureConfiguration,RSASignatureGeneratorConfiguration, ECSignatureGeneratorConfiguration, ECSignatureConfiguration, orSecretSignatureConfiguration.
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 54JWT Configurationsrc/main/resources/application.ymlmicronaut:security:enabled: truetoken:jwt:enabled: truesignatures:secret:generator:secret: pleaseChangeThisSecretForANewOnejws-algorithm: HS256
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 55Claims ValidationBean DescriptionExpirationJwtClaimsValidator Validate JWT is not expired.SubjectNotNullJwtClaimsValidator Validate JWT subject claim is not null.io.micronaut.security.token.jwt.validator.GenericJwtClaimsValidatorProvide your own!
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 56RFRESH CONTROLLERsrc/main/resources/application.ymlmicronaut:security:enabled: trueendpoints:oauth:enabled: true
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 57JSON Web Key JWKA JSON Object that represents a cryptographic key. The members of the object represent properties of the key,including its value.{"kty":"EC","crv":"P-256","kid":"test-personal-node","x":"kdoE0JmUQra00UWJXHBwVvQetJ_L7vXt8nuXkaftKjo","y":"PV7FUShMZ8Jg_kc2vjxgfwswEy26w_vWvVCHAGQ9tEQ"}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 58JWK SetA JSON object that represents a set of JWKs. The JSON object MUSThave a "keys" member, which is an array of JWKs.{"keys": [{"kty":"EC","crv":"P-256","kid":"123","x":"kdoE0JmUQra00UWJXHBwVvQetJ_L7vXt8nuXkaftKjo","y":"PV7FUShMZ8Jg_kc2vjxgfwswEy26w_vWvVCHAGQ9tEQ"}]}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.comsrc/main/resources/application.ymlmicronaut:security:enabled: trueendpoints:keys:enabled: trueimport com.nimbusds.jose.jwk.JWK;import io.micronaut.security.token.jwt.endpoints.JwkProvider;import javax.inject.Singleton;import java.text.ParseException;@Singletonclass ExampleJwkProvider implements JwkProvider {@OverrideList retrieveJsonWebKeys() {try {return [JWK.parse('''{"kty":"EC","crv":"P-256","kid":"123",“x": "kdoE0JmUQra00UWJXHBwVvQetJ_L7vXt8nuXkaftKjo","y":"PV7FUShMZ8Jg_kc2vjxgfwswEy26w_vWvVCHAGQ9tEQ"}''')]} catch (ParseException e) {return [] as List}}}59KEYS CONTROLLER - Expose a JWK Set
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 60KEYS CONTROLLER$ curl localhost:8080/keys{"keys":[{"kty":"EC","crv":"P-256","kid":"test-personal-node","x":"kdoE0JmUQra00UWJXHBwVvQetJ_L7vXt8nuXkaftKjo","y":"PV7FUShMZ8Jg_kc2vjxgfwswEy26w_vWvVCHAGQ9tEQ"}]}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 61REMOTE JWKS VALIDATIONsrc/main/resources/application.ymlmicronaut:security:enabled: truetoken:jwt:enabled: truesignatures:jwks:securityservice:url: "http://localhost:8081/keys"
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 62SECURITY EVENTS
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 63Security EventsEvent Name DescriptionLoginFailedEvent Trigger when an unsuccessful login takes place.LoginSuccessfulEvent Trigger when a successful login takes place.LogoutEvent Triggered when the user logs out.TokenValidatedEvent Trigger when a token is validated.AccessTokenGeneratedEvent Trigger when a JWT access token is generated.RefreshTokenGeneratedEvent Trigger when a JWT refresh token is generated.@Singletonclass LogoutFailedEventListener implements ApplicationEventListener {@Overridevoid onApplicationEvent(LogoutEvent event) {println "received logout event"}}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 64TOKEN PROPAGATION
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.comsrc/main/resources/application.ymlmicronaut:security:enabled: truetoken:jwt:enabled: truewriter:header:enabled: truepropagation:enabled: trueservice-id-regex: "recommendations|catalogue|inventory"65Token Propagation
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 66MICRONAUT OAUTH 2https://micronaut-projects.github.io/micronaut-security/snapshot/guide/#oauth
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 67OAUTH 2build.gradledependencies {......annotationProcessor "io.micronaut:micronaut-security"compile "io.micronaut:micronaut-security"compile “io.micronaut.configuration:micronaut-oauth2:1.0.0.BUILD-SNAPSHOT"}
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 68authorization code flow - OpenID Connect
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.comOpenID Connect 1.0 is a simple identity layer on top of the OAuth2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an AuthorizationServer , as well as to obtain basic profile information about theEnd-User in a interoperable and REST-like manner.69
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 70
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 71OAUTH 2
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 72Open ID Connect Configurationsrc/main/resources/application.ymlmicronaut:security:enabled: trueoauth2:enabled: trueclients:cognito:client-secret: '${OAUTH_CLIENT_SECRET}'client-id: '${OAUTH_CLIENT_ID}'openid:issuer: 'https://cognito-idp.${AWS_REGION}.amazonaws.com/${COGNITO_POOL_ID}'
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 73authorization code flow - Oauth 2.0
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 74
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 75Oauth Configurationsrc/main/resources/application.ymlmicronaut:security:enabled: trueoauth2:enabled: trueclients:github:client-id: <>client-secret: <>scopes:- user:email- read:userauthorization:url: https://github.com/login/oauth/authorizetoken:url: https://github.com/login/oauth/access_tokenauth-method: client-secret-post
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 76Grant type password
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 77
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 78
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 79Oauth Configurationsrc/main/resources/application.ymlmicronaut:security:…oauth2:…clients:github:grant-type: password
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 80Logout
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 81
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 82Oauth Configurationsrc/main/resources/application.ymlmicronaut:security:…endpoints:logout:enabled: trueget-allowed: true
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 83SAMPLES
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 84Micronaut GuidesGuidesMicronaut Basic AuthSession based AuthenticationMicronaut JWT AuthenticationMicronaut JWT Authentication with CookiesLDAP and Database authentication ProvidersMicronaut Token PropagationSecure a Micronaut app with Oktahttps://guides.micronaut.io/tags/security.html
© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 85Questions?
CONNECT WITH US1+ (314) 579-0066@objectcomputingobjectcomputing.com© 2018, Object Computing, Inc. (OCI). All rights reserved. objectcomputing.com 86