javaspringspring-bootazureazure-active-directory
why it is called 'APPROLE_Admin' instead of 'Admin' in Spring boot App secured by Azure AD
I followed the article, https://learn.microsoft.com/en-us/azure/developer/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-active-directory and created an App role
and assigned the user
in the spring boot application, I have to use 'APPROLE_Admin' instead of 'Admin' ? why? it is supposed to be only 'Admin', correct?
@CrossOrigin(origins = "http://localhost:8080")
@RestController
@RequestMapping("/api")
public class TutorialController {
@Autowired
TutorialRepository tutorialRepository;
@PreAuthorize("hasAuthority('APPROLE_Admin')")
@GetMapping("/tutorials")
Solution
The APPROLE_ prefix is coming from a default property configuration from Spring Cloud Azure.
spring.cloud.azure.active-directory.resource-server.claim-to-authority-prefix-map
Configure which claim will be used to build GrantedAuthority, and prefix of the GrantedAuthority’s string value. Default value is: "scp" → "SCOPE_", "roles" → "APPROLE_".
You can update the property with a desired prefix:
spring:
cloud:
azure:
active-directory:
resource-server:
claim-to-authority-prefix-map:
roles: "" # no prefix
scp: "MY_SCP_PREFIX_"
- NullPointerException in Java JDK code while performing parallelStream.forEach(..)
- Locating code that is filling PermGen with dead Groovy code
- Cannot find test class in project - "The input type of the launch configuration does not exist"
- Passing the values to the fraction class in java
- How to use different authentication methods for different paths using Spring Security
- how to fetch and validate csv header in open csv?
- 4-Sum algorithm failing with duplicate values in Java
- Error getting month while using Calendar object
- java Calendar Timezones strange stuff
- java.util.Date class with different approach for same date gives different output
- Finding out the type of invoked method in JDT
- How to get the size of a file in MB (Megabytes)?
- Exception in thread "main" java.lang.IllegalStateException: Attempted to load Config resource 'class path resource [application.yml]'
- Why does Google Calendar.Events.Watch say my request is not HTTPS
- Java - Class.forName, how to get a Field from Class
- Use of verify() method with and without times(1) parameter
- JDBC connection without database definition
- Running my testNG project from a jar using Maven
- Do subclasses inherit interfaces?
- Spring Security - how can I ask invoke access control methods directly?
- most accurate time type in java?
- How to get the currently selected application from Windows in Java
- validate the credit card expiry date using java?
- Finding the square root of a number by using binary search
- log4j : current time in milliseconds
- Why Joda DateTime gives different result than Java Date?
- Tomcat - maxThreads vs. maxConnections
- Android notification importance cannot be changed
- How to enable all endpoints in actuator (Spring Boot 2.0.0 RC1)
- Map rainbow colors to RGB