Hi,
I’m trying to use Spring Security for authentication. I’ve configured the AuthenticationProvider and WebSecurityConfigurerAdapter configured
Here’s part of my WebSecurityConfigurerAdapter configuration:
Hi Harvey,
Spring Security takes care of Authentication (and Authorization, although that’s not relevant, for now). It makes the current user’s identity available in a SecurityContextHolder. From there, you can access who has authenticated against the request that is currently being executed.
In Axon, you’d have to configure a DispatchInterceptor that attaches relevant information from this SecurityContextHolder into the message’s meta data. On the receiving side, you can read this data from the meta data (and optionally set up a SecurityContext, if necessary).
Your question 2 is very much a Spring Security question. Please check the Spring Security documentation.
Question 3: essentially, you would pass “proof of security” with each message, such as userID or a token (such as jwt tokens).
Cheers,
Allard