JCH
Java Community | Help. Code. Learn.2w ago
fhaedl

SPRING SECURITY

hi guys, ive just started learning about spring securit and i have some question about it. i just add 2 type of authentication regular auth (email + password) and oauth that return a JWT, my problem is those authentication cant be use at the same time, i have to add @Order(1) for specify which auth will be used, even after i changed the api route to be different each others. are there any suggestions for my case? or even is it possible to implement this approach? because i've implemented that and it still only take the higher order and can't use the other one
4 Replies
JavaBot
JavaBot2w ago
This post has been reserved for your question.
Hey @fhaedl! Please use /close or the Close Post button above when your problem is solved. Please remember to follow the help guidelines. This post will be automatically marked as dormant after 300 minutes of inactivity.
TIP: Narrow down your issue to simple and precise questions to maximize the chance that others will reply in here.
Suika
Suika2w ago
@Bean 
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests(auth -> auth
                .requestMatchers("/api/**").authenticated()
                .anyRequest().permitAll()
            )
            .httpBasic(Customizer.withDefaults())  // Enable Basic Authentication
            .oauth2ResourceServer(oauth2 -> oauth2
                .jwt(Customizer.withDefaults())    // Enable OAuth2 Resource Server
            );
        return http.build();
    } 
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests(auth -> auth
                .requestMatchers("/api/**").authenticated()
                .anyRequest().permitAll()
            )
            .httpBasic(Customizer.withDefaults())  // Enable Basic Authentication
            .oauth2ResourceServer(oauth2 -> oauth2
                .jwt(Customizer.withDefaults())    // Enable OAuth2 Resource Server
            );
        return http.build();
    }
This message has been formatted automatically. You can disable this using /preferences.
straightface
straightface2w ago
Are you doing this?
JavaBot
JavaBot2w ago
💤 Post marked as dormant
This post has been inactive for over 300 minutes, thus, it has been archived. If your question was not answered yet, feel free to re-open this post or create a new one. In case your post is not getting any attention, you can try to use /help ping. Warning: abusing this will result in moderative actions taken against you.

Did you find this page helpful?