2
Good afternoon, you guys. I have an application where I receive a JWT token, login is treated in a separate application and in this token I get the roles. I need to use Spring Security to validate it and treat access permission to endpoints and if access is allowed to send an object to be used by the system. I put together a code where you do what I want, but I don’t know if it was the best way. I was left with this doubt, because the object I need includes within the class Authentication Detail:
final UserDetails userDetails = userDetailsService.loadUserByUsername("");
final UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
userDetails, null, userDetails.getAuthorities());
authentication.setDetails("bla bla bla")));
SecurityContextHolder.getContext().setAuthentication(authentication);
As it is possible to check in the code I did not use any data to validate the login (because it is not treated in this application). I don’t know if this is a good approach, if someone can help me with a better idea or know the correct practice for this scenario I thank.
Vlwww
[]'s