DMC/scipro
7
0
Fork 0
Code Issues39 Pull Requests8 Actions Projects1 Releases Wiki Activity
18,234 Commits 12 Branches 419 Tags
615953117d
Go to file
Andreas Svanberg 615953117d Switch to Spring Security for authentication and allow local OAuth 2 log in 
Instead of storing the current user in the Wicket session, let Spring Security handle it. The CurrentUser implementation has been changed to look it up from there instead of the Wicket session.

Also enable, in addition to Shibboleth (pre-authenticated remote user), OAuth 2 login which removes the need for the locally modified web.xml with a faked remote user. The Docker Compose file has been updated to run a OAuth 2 container for this type of login.
2024-11-26 12:51:06 +01:00
.gitea/workflows
Build and test on each push ()
2024-10-30 10:19:50 +01:00
.mvn/wrapper
Build and test on each push ()
2024-10-30 10:19:50 +01:00
api
Enable creating an API using Spring Web ()
2024-11-06 11:23:28 +01:00
core
Switch to Spring Security for authentication and allow local OAuth 2 log in
2024-11-26 12:51:06 +01:00
daisy-integration
Switch to Spring Security for authentication and allow local OAuth 2 log in
2024-11-26 12:51:06 +01:00
resources/db_update_scripts
new db file
2013-10-10 11:16:14 +09:00
view
Switch to Spring Security for authentication and allow local OAuth 2 log in
2024-11-26 12:51:06 +01:00
war
Switch to Spring Security for authentication and allow local OAuth 2 log in
2024-11-26 12:51:06 +01:00
.gitignore
Enable creating an API using Spring Web ()
2024-11-06 11:23:28 +01:00
.mailmap
Updated git mailmap.
2015-02-05 15:56:03 +01:00
docker-compose.yml
Switch to Spring Security for authentication and allow local OAuth 2 log in
2024-11-26 12:51:06 +01:00
GetToken.java
Enable creating an API using Spring Web ()
2024-11-06 11:23:28 +01:00
mvnw
Build and test on each push ()
2024-10-30 10:19:50 +01:00
mvnw.cmd
Build and test on each push ()
2024-10-30 10:19:50 +01:00
owasp.xml
Supress bogus security vulnerability
2024-04-22 09:30:47 +02:00
parallel.sh
Bash script to enable parallel deployment.
2014-05-08 09:54:39 +02:00
pom.xml
Enable creating an API using Spring Web ()
2024-11-06 11:23:28 +01:00
README.md
Switch to Spring Security for authentication and allow local OAuth 2 log in
2024-11-26 12:51:06 +01:00

README.md

Working with the web GUI (Wicket)

The web GUI is protected by OAuth 2 log in. Run the Docker Compose containers with docker compose up to start the authorization server to be able to log in.

Working with the API

The API is protected by OAuth 2 acting as a resource server verifying tokens using token introspection.

When developing it uses a locally running instance of an authorization server that is run inside Docker. It can be started with docker compose -f docker-compose.yml up. Since there is no frontend to interact with the authorization server there's a helper script in GetToken.java that can be run directly with java GetToken.java to run through the authorization flow and get an access token.

Once the token has been obtained go to the Swagger UI to interact with the API. Click the "Authorize" button in the top right and paste the access token to log in.

Description
No description provided
Readme 73 MiB
Languages
Java 91%
HTML 8.6%
CSS 0.3%
JavaScript 0.1%