spring-cloud-dataflow

mTLS with OAuth2 security

Open szopal opened this issue 2 years ago • 4 comments

Maybe it's not an error, but I don't know: does SCDF support mTLS for OAuth login? I need to connect to my credentials provider (ADFS) with mTLS.

szopal avatar May 19 '22 17:05 szopal

@szopal can you please provide more details? Are you encountering an error? If so, can you include it?

onobc avatar May 24 '22 15:05 onobc

I get an SSLHandshake error because SCDF does not send a client certificate to the ADFS server while trying to get the OAuth token.

szopal avatar May 25 '22 10:05 szopal

Hi. Have you figured this out? Where are you running SCDF? On TAS/CloudFoundry or Kubernetes? Perhaps these docs will help you - https://docs.spring.io/spring-cloud-dataflow/docs/2.9.4/reference/htmlsingle/#configuration-security-oauth2

markpollack avatar Jul 20 '22 16:07 markpollack

I run SCDF in Kubernetes. But I don't want to have OAuth between my credentials provider and SCDF; I would like to have a connection between SCDF and my credentials provider (SCDF) by mTLS.

szopal avatar Aug 08 '22 10:08 szopal

See #5033

markpollack avatar Oct 11 '22 14:10 markpollack

Let's time-box this to a quick convo with the Spring Security team, and if the fix is a large amount of effort, postpone it to the next release.

markpollack avatar Oct 11 '22 14:10 markpollack

There are no simple configuration properties to support mTLS. It will require development to create the support. The Spring Security team does have a working example. This can be isolated within the Spring Security Authorisation Server and remove the burden from the Data Flow server.

corneil avatar Oct 18 '22 10:10 corneil