Authentication
Authentication and authorization
AWE lets you choose which authentication and authorization system you want to use, rather than defining a specific one.
AWE is fully compatible with the most widely used security solutions in the Spring Boot ecosystem, such as In memory, Database, LDAP, OAuth, OAuth2, ...
Spring Security in AWE
AWE provides configuration beans to manage security in your application. You can use them as they are, or override them and create your own custom authentication method.
The security configuration is in the SecurityConfig and AWEScreenSecurityAdapter classes. Select the authentication method you want with the following properties:
################################################
# Authentication
################################################
# Authentication mode (ldap | bbdd | in_memory | custom)
awe.security.auth-mode=bbdd
################################################
# Custom authentication
################################################
#Provider class beans, separated by comma for multiple providers.
awe.security.auth-custom-providers=
You can always create your own HTTP web security configuration class by extending WebSecurityConfigurerAdapter.
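import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class CustomSecurityConfig extends WebSecurityConfigurerAdapter {
    /**
     * Spring security configuration
     *
     * @param http Http security object
     * @throws Exception Configure error
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Your custom configuration
    }
}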
Two-factor authentication (2FA)
We've recently developed a new two-factor authentication system based on authentication apps such as Google Authenticator.
There are three ways to manage two-factor authentication in AWE, selected with the awe.totp.security.enabled property:
disabled: Two-factor authentication is disabled and no temporary code is requested on access.
optional: The user can enable two-factor authentication on the settings screen, and the temporary code will be requested on login.
[Image: Settings screen]
[Image: TOTP Code screen]
force: On login, if the user has not enabled two-factor authentication, a screen with the QR code is shown to force the user to enable it. After that screen, the user is asked for the temporary code based on the previously generated secret code.
[Image: Force two-factor authentication screen]