Integrating Open Policy Agent with Spring Security Reactive and JSON Web Tokens
We present a Java library that simplifies adopting the Open Policy Agent server to manage user authorization for a Spring Boot microservice, while also managing API Token (JWT) authentication. Motivation Spring Security assumes a fairly simplistic Role-Based access control (RBAC) where the service authenticates the user (via some credentials, typically username/password) and returns a UserDetails … More Integrating Open Policy Agent with Spring Security Reactive and JSON Web Tokens