From b89c244457566273659d4d4945747427e3ad5be4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Wacongne?= Date: Thu, 28 Nov 2024 10:48:24 -1000 Subject: [PATCH] Update README.md --- samples/webmvc-jwt-default/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/samples/webmvc-jwt-default/README.md b/samples/webmvc-jwt-default/README.md index bf7c6bbe3..71c51c408 100644 --- a/samples/webmvc-jwt-default/README.md +++ b/samples/webmvc-jwt-default/README.md @@ -1,4 +1,4 @@ -# Servlet Resource Server With JWT Decoder Using `spring-addons-webmvc-jwt-resource-server` +# Servlet Resource Server With JWT Decoder Using `spring-addons-starter-oidc` In this sample, we use a thin wrapper around `spring-boot-starter-oauth2-resource-server` to configure a Spring Boot 3 servlet (WebMVC) resource server using almost only application properties. ## 0. Disclaimer @@ -106,7 +106,7 @@ Really nothing special there, just standard Spring components with method securi Source code contains unit and integration testing for all access control rules. This covers `@Controller` off course, but also `@Service` and `@Repository` (the later two being impossible with OAuth2 and just `spring-security-test`). Make sure you give it an eye. ## 6. Conclusion -In this sample, we used `spring-addons-webmvc-jwt-resource-server`, a thin wrapper around `spring-boot-starter-oauth2-resource-server`, to configure a servlet (WebMVC) Spring Boot 3 resource server using possibly only application properties with: +In this sample, we used `spring-addons-starter-oidc`, in addition to `spring-boot-starter-oauth2-resource-server`, to configure a servlet (WebMVC) Spring Boot 3 resource server using possibly only application properties with: - stateless session management - disabled CSRF (because of disabled sessions) - fine-grained CORS configuration (and we could easily change the allowed origins when deploying to new environments)