Setting up with Spring OAuth2

This section describes how to setup and configure SecMan authorizor combined with Spring being used as the authenticator, configured with OAuth2.

In this scenario, we require that SecMan automatically creates any ApplicationUsers as delegated users, meaning that they are defined externally (in the OAuth2 external store).

We use an extension module to register a service that performs this task.

Configuration

Update your pom.xml:

pom.xml

<dependencies>
    <dependency>
        <groupId>org.apache.causeway.extensions</groupId>
        <artifactId>causeway-extensions-secman-delegated-spring-oauth2</artifactId>    (1)
    </dependency>
</dependencies>

And update your AppManifest:

AppManifest.java

@Configuration
@Import({
        ...
        CausewayModuleExtSecmanDelegatedSpringOauth2.class,
        ...
})
public class AppManifest {
}

ApplicationUsers cannot be DISABLED

This integration has one small limitation: it is not possible to disable delegated ApplicationUsers. Or rather, they can be disabled, but this will have no effect; the user will still be able to log in.