How to use @Secured annotation with roles present in my database and authorize the azure token in grails application

Question

I am able to configure azure in my grails application and able to authorize the token.

https://learn.microsoft.com/en-us/azure/developer/java/spring-framework/secure-your-restful-api-using-spring-cloud-azure

I have a role table in my database and I want to use @Secured annotation with roles in my local database

Answer 1

@Osipalli, Premkiran [ON CONTRACT] Thanks for reaching out. The query is more towards the Spring framework code side rather than specifically towards azure spring apps. I'm not an expert but on a quick search I think you can use Spring Security with Azure AD authentication.

implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'com.microsoft.azure:azure-active-directory-spring-boot-starter'

azure:
  activedirectory:
    tenant-id: <your-tenant-id>
    client-id: <your-client-id>
    client-secret: <your-client-secret>
    user-group:
      allowed-groups: <your-allowed-groups>

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private CustomUserDetailsService userDetailsService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/api/admin/**").hasRole("ADMIN")
                .antMatchers("/api/user/**").hasRole("USER")
                .anyRequest().authenticated()
                .and()
                .oauth2Login();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService);
    }
}