SSO login using OAuthSecurityConfig using social-login-sample

adnan.khan · July 7, 2025, 11:57am

Hi,

previosly i had made changes using MySynchronizingOidcUserMapper and CustomDefaultJmixOidcUserService it was working but whenever we set the parameter as true jmix.oidc.use-default-configuration=true by default it shows sso login page and there is no screen visible for username and password login.
but the SSO login is working in above scenario.

i tried below changes for login
https://github.com/jmix-framework/jmix-samples/tree/main/social-login-sample
but when i tries to login on successfull response i am getting redirected to login page instead of getting login direct to application.

OAuthSecurityConfig.java (3.4 KB)

I had added above class as per configuration but unable to login even i am getting successfully response.

Any other changes need to be made please let me know.

i.gavrilov · July 7, 2025, 1:21pm

Hi,

You mentioned MySynchronizingOidcUserMapper and CustomDefaultJmixOidcUserService - what do you want to achieve? Does it relate to some other topic?

Can you provide some sample project and detailed description of expected functionality?

Regards,
Ivan

adnan.khan · July 7, 2025, 1:49pm

I am trying to login into application using org.springframework.security.oauth2.client.oidc which is working when i had extended these classes MySynchronizingOidcUserMapper and
CustomDefaultJmixOidcUserService

@Service
public class CustomDefaultJmixOidcUserService extends DefaultJmixOidcUserService

@Component
public class MySynchronizingOidcUserMapper extends SynchronizingOidcUserMapper<User> {

But since to login using oidc if jmix.oidc.use-default-configuration set to true then login page with username and password is not displayed instead sso login page is displayed so to display both login page i had refer to this link https://github.com/jmix-framework/jmix-samples/tree/main/social-login-sample and when i added OAuthSecurityConfig then i was able to login with username and password of normal login user and when i tried with LDAP login i was getting success response but page was getting redirected to login page instead into application if i remove OAuthSecurityConfig class then as per the previous LDAP login configuration it works but Normal login page is not displayed.
OAuthSecurityConfig.zip (1.3 KB)
oidcClasses.zip (5.3 KB)

jmix.oidc.use-default-configuration=true
spring.security.oauth2.client.registration.adfs.client-id=sdshd-283834nn-dnsnd
spring.security.oauth2.client.registration.adfs.client-secret=sdshd-283834nn-dnsnd
spring.security.oauth2.client.registration.adfs.scope=openid, profile, email
spring.security.oauth2.client.provider.adfs.issuer-uri=https://sts.domain.com/adfs
spring.security.oauth2.resourceserver.jwt.issuer-uri=https://sts.domain.com/adfs/discovery/keys
spring.security.oauth2.client.registration.adfs.redirect-uri=https://domain.com/adfs/login/oauth2/code/adfs
spring.security.oauth2.client.provider.adfs.authorization-grant-type=authorization_code
spring.security.oauth2.client.provider.adfs.authorization-uri=https://sts.domain.com/adfs/oauth2/authorize
spring.security.oauth2.client.provider.adfs.token-uri=https://sts.domain.com/adfs/oauth2/token
spring.security.oauth2.client.provider.adfs.user-name-attribute=upn

adnan.khan · July 9, 2025, 1:08pm

@i.gavrilov Any help here

i.gavrilov · July 9, 2025, 2:59pm

Hi.

Not yet.

I don’t quite understand the “chronology” of you issues & features based on your description.

Please check and confirm/deny these questions and statements:

You said you had those custom implementations and you can successfully login via OIDC using your LDAP service. So at this moment you had explicitly defined jmix.oidc.use-default-configuration=false (because if you don’t have this property at all - that means true by default).
You want to enable the jmix.oidc.use-default-configuration - what do you want to solve via this configuration if you already have a working solution? Do you need some additional features or something?
Then you go to Social Login Sample: did you want to add social login as another way of authentication or you tried to solve something else?
By Normal login do you mean standard Jmix login as some user stored in database without any extenal identity provider?

So do you have some stable state of your application from which you want to add some additional authentication feature? What variants of authentication you expected to be implemented?

Regards,
Ivan

adnan.khan · July 11, 2025, 11:16am

You said you had those custom implementations and you can successfully login via OIDC using your LDAP service. So at this moment you had explicitly defined jmix.oidc.use-default-configuration=false (because if you don’t have this property at all - that means true by default). - If i set it to true standard Jmix login is not visble, by default SSO login is displayed which is configured (spring.security.oauth2.client.provider.adfs.issuer-uri) so to apply both logic i am trying to implement Social Login Sample logic so that on single login page i can toggle both login

adnan.khan · July 11, 2025, 3:38pm

adding below code i am able to login somehow menu was in vertical it is now getting displayed in horizontal
Screenshot from 2025-07-11 21-07-01

.successHandler((request, response, authentication) -> {
                                    //redirect to the main screen after successful authentication using auth provider
                                    new DefaultRedirectStrategy().sendRedirect(request, response, "/#main");
                                });