How to add authentication?
Hi-
I have deployed this app on my SCP account successfully. Now I need to protect the app and add authentication when consuming the APIs. I was following this tutorial - https://developers.sap.com/tutorials/s4sdk-secure-cloudfoundry.html - but I am unable to proceed from Step 3, as we don't have application/src/main/webapp/WEB-INF/web.xml in this project. Could you please tell me how to protect the APIs by adding XSUAA?
Thanks, Manju
Hi Manju, you can follow the tutorial https://developers.sap.com/tutorials/s4sdk-secure-cloudfoundry.html for all steps except step 3. Instead of step 3, can you try to add
<dependency>
    <groupId>com.sap.cloud.security.xsuaa</groupId>
    <artifactId>xsuaa-spring-boot-starter</artifactId>
    <version>2.3.2</version>
</dependency>
and add the file https://github.com/SAP-samples/cloud-espm-cloud-native/blob/master/product-service/src/main/java/com/sap/refapps/espm/config/AppSecurityConfig.java to the objectStore project's config folder - https://github.com/SAP-samples/cloud-objectstore-java-sample/tree/master/src/main/java/com/sap/refapps/objectstore/config
Thank you @indusankar89 I will follow the steps and let you know the status. Thank you for your help.
Getting this error while building the app after following the steps... [47,39] cannot find symbol [ERROR] symbol: method oauth2ResourceServer() [ERROR] location: class org.springframework.security.config.annotation.web.builders.HttpSecurity
Hi @sathisha-bettegowda, when did you get the above error? During build/deploy? I tried to build and deploy by adding the mentioned dependency and file, and it was successful.
thanks @indusankar89
modifying this helped
<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>2.2.4.RELEASE</version>
    <relativePath /> <!-- lookup parent from repository -->
</parent>
@indusankar89
After deploying the app router, we are getting an unauthorized error when we try to post anything to the object store.
Below are samples of the GET and POST requests.
Could you please help us understand what we are missing here?


Also, in the xs-security.json, the scope is limited to viewing:
"scopes": [
  { "name": "$XSAPPNAME.Display", "description": "display" }
],
"role-templates": [
  {
    "name": "Viewer",
    "description": "Required to view things in our solution",
    "scope-references": [ "$XSAPPNAME.Display" ]
  }
]
Does this affect uploading/deleting files from the object store?
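How a scope such as `$XSAPPNAME.Display` can gate individual HTTP methods in a Spring Security resource-server configuration, as an added example that is not code from this thread or from the linked sample projects. Assumptions: the class name, the `/api/**` path and the `Manage` scope are hypothetical, and `xsuaa-spring-boot-starter` 2.x is expected to auto-configure the `XsuaaServiceConfiguration` bean and the JWT decoder.

```java
package com.example.config; // hypothetical package, not from the sample project

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.convert.converter.Converter;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.jwt.Jwt;

import com.sap.cloud.security.xsuaa.XsuaaServiceConfiguration;
import com.sap.cloud.security.xsuaa.token.TokenAuthenticationConverter;

@EnableWebSecurity
public class ScopeGatedSecurityConfig extends WebSecurityConfigurerAdapter {

    // Assumed to be provided by the starter from the bound XSUAA service instance.
    @Autowired
    private XsuaaServiceConfiguration xsuaaServiceConfiguration;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            // Every request must carry its own bearer token; no server-side session.
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .authorizeRequests()
                // Reads need the Display scope defined in xs-security.json.
                .antMatchers(HttpMethod.GET, "/api/**").hasAuthority("Display")
                // Writes need a separate (hypothetical) Manage scope; a token that
                // only carries Display is rejected for these methods.
                .antMatchers(HttpMethod.POST, "/api/**").hasAuthority("Manage")
                .antMatchers(HttpMethod.DELETE, "/api/**").hasAuthority("Manage")
                // Default deny for anything not listed above.
                .anyRequest().denyAll()
            .and()
            .oauth2ResourceServer().jwt()
                .jwtAuthenticationConverter(jwtAuthoritiesConverter());
    }

    // Maps token scopes to authorities, stripping the application prefix so that
    // "$XSAPPNAME.Display" is checked as plain "Display".
    Converter<Jwt, AbstractAuthenticationToken> jwtAuthoritiesConverter() {
        TokenAuthenticationConverter converter =
                new TokenAuthenticationConverter(xsuaaServiceConfiguration);
        converter.setLocalScopeAsAuthorities(true);
        return converter;
    }
}
```

With a configuration of this shape, a request with a valid token that lacks the required scope is answered with 403 Forbidden, while a missing or invalid token is answered with 401 Unauthorized, so the status code indicates which check failed.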
Hi @indusankar89
Could you please help us with the above?