Hi All,
Is there an example to specifically showing how to use Spring Security with Vaadin Flow (Vaadin 12)?
Teddy L.
Hi All,
Is there an example to specifically showing how to use Spring Security with Vaadin Flow (Vaadin 12)?
Teddy L.
You could download this project https://vaadin.com/start/latest/full-stack-spring
It demonstrates how to use Vaadin Flow with Spring Boot including Security.
Tatu Lund:
You could download this project https://vaadin.com/start/latest/full-stack-springIt demonstrates how to use Vaadin Flow with Spring Boot including Security.
Looked at that but for a newbie like me the Bakery app is very complex, but gives a few ideas. Like I added the maven dependency for spring-boot-starter-security, just adding this i got the login window. I further created a configuration class that extends the WebSecurityCongurerAdaptor spring class as follows:
@Configuration
@EnableWebSecurity
public class SecurityCOnfiguration extends WebSecurityConfigurerAdapter {
@Override
proetected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/**").permitAll();
}
}
When I try to access the chatapp, i am getting the error:
Server connection lost, trying to reconnect…
When I disable security my chatapp starts working.
The chatapp am using is the one in the examples.
Teddy L.
I have implemented security very basic following the Bakery App. My Java Security Configuration looks like this now:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests()
.antMatchers("/")
.permitAll()
.anyRequest()
.authenticated();
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers(
"/VAADIN/**",
"/frontend/**",
"/images/**",
"/frontend-es5/**", "/frontend-es6/**"
);
}
}
The application is working. But I have noticed that accessing other “routes” like “ui/mypage” using the app its opening but when i refresh the page “ui/mypage” using browser the page is being blocked as restricted which i want to happen when i click on the menu. How does vaadin enforce this configuration when making a call via route mechanism behaviour (ajax).
Teddy L.
Hi,
we added a new tutorial about Spring Security and Vaadin: https://vaadin.com/tutorials/securing-your-app-with-spring-security
Maybe, it’s worth a try for you? Also, I am very interested in feedback for future improvements. One additional suggestion was to talk about the new Vaadin login component that simplifies the whole task a lot.
Cheers,
Paul