Broadleaf Microservices

Security

Overview

Broadleaf provides several mechanisms to support a variety of security concerns. One of the backbone services that drives many of the security aspects across the suite of Broadleaf microservices is the Auth Service. Broadleaf’s Auth Service serves as both an extensible Authentication Provider and an Authorization Server. The Auth Service can be used by customers and admins to generate secure OAuth2 tokens (JWT) to access resource endpoints across various services. These Broadleaf JWT tokens work in conjunction with Broadleaf’s security model, which uses a custom framework-level @Policy annotation that supports both role-based and ownership validation.

Authentication & Authorization

The Auth Service serves as both an authentication and authorization server. The mechanisms in this service are structured on top of core Spring Security OAuth2 configurations and are built for extension. Ultimately, the Auth Service produces several JWT tokens, including an Access Token whose claims can be used to call various Broadleaf microservices. More details can be found within the Auth Services documentation.

Scopes & Permissions

The OAuth2 spec defines a Scope as a mechanism to limit an application’s access to a user’s account. A scope may be a set of permissions an application might want authorization for.

In Broadleaf, a scope might be "PRODUCT" and contain the "READ_PRODUCT", "CREATE_PRODUCT", "UPDATE_PRODUCT", and "DELETE_PRODUCT" permissions.

Policy

Broadleaf provides a companion library (broadleaf-oauth2-resource-security) which is included as a dependency in all Broadleaf microservices.

This library provides common security model functionality and works in conjunction with the JWT tokens produced by the Auth service to:

  • decode, extract, and validate compliant access tokens

  • verify token claims, and perform any additional system validation and filtration concerns

  • provide an easy-to-use @Policy annotation that can be placed on applicable methods to facilitate security gating

What Problems does Policy Solve?

A policy was introduced as a first-class component of the Broadleaf framework in order to facilitate additional security-layer dimensions that are specific to Broadleaf and would not otherwise be supported by out-of-the-box Spring Security concepts like @PreAuthorize. Specifically, policies in Broadleaf:

  • Allow access to resources or functions only to users with the correct:

    • Access to the requested context (ContextInfo)

    • Permissions for the requested resource (e.g. Product)

    • Permissions for the requested operation (e.g. Read vs. Update)

    • Ownership of the requested resource (e.g. a Customer’s own profile)

  • Prevent access to trackable resources from the wrong context

  • Prevent mutation of trackable resources from the wrong context
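The following is an added example, written for this page and not taken from broadleaf-oauth2-resource-security, that models the two ideas above in one place: how a scope such as "PRODUCT" expands into its READ/CREATE/UPDATE/DELETE permissions, and the four checks a policy gate performs (required permission, access to the requested context, the trackable resource belonging to that context, and ownership). The claim layout (`sub`, `scopes`, `contexts`), the `Policy` fields, the "CUSTOMER" scope and the `OPERATION_ROOT` permission naming are assumptions modelled on the page's READ_PRODUCT example, not Broadleaf's actual annotation or token format.

```python
from dataclasses import dataclass
from enum import Enum
from typing import FrozenSet, Optional

# Constructed scope catalogue modelled on the page's example: the "PRODUCT"
# scope carries the four permissions the text names. "CUSTOMER" is an
# assumed second scope, added so an ownership-gated resource can be shown.
SCOPE_CATALOG = {
    "PRODUCT": frozenset({"READ_PRODUCT", "CREATE_PRODUCT",
                          "UPDATE_PRODUCT", "DELETE_PRODUCT"}),
    "CUSTOMER": frozenset({"READ_CUSTOMER", "UPDATE_CUSTOMER"}),
}


def permissions_for_scopes(scopes, catalog=SCOPE_CATALOG):
    """Expand granted scopes into the permission set they carry.
    A scope the catalogue does not know grants nothing (fail closed)."""
    granted = set()
    for scope in scopes:
        granted |= catalog.get(scope, frozenset())
    return frozenset(granted)


class Operation(Enum):
    READ = "READ"
    CREATE = "CREATE"
    UPDATE = "UPDATE"
    DELETE = "DELETE"


@dataclass(frozen=True)
class Policy:
    """What a method-level policy declares (assumed shape, not the Broadleaf annotation)."""
    permission_root: str          # resource name, e.g. "PRODUCT"
    operation: Operation
    owner_only: bool = False      # e.g. a customer may only touch their own profile


@dataclass(frozen=True)
class ContextInfo:
    tenant_id: str


@dataclass(frozen=True)
class TrackedResource:
    context: ContextInfo          # the context the resource is tracked under
    owner_id: Optional[str] = None


@dataclass(frozen=True)
class AccessToken:
    """Decoded claims; signature and expiry checks are assumed done upstream."""
    sub: str
    scopes: FrozenSet[str]
    contexts: FrozenSet[str]      # tenant ids the token is valid for


def required_permission(policy):
    # Naming convention taken from the page's READ_PRODUCT example.
    return f"{policy.operation.value}_{policy.permission_root}"


def decide(token, policy, ctx, resource=None):
    """Evaluate the policy; returns (allowed, reason). The first failing check wins."""
    needed = required_permission(policy)
    if needed not in permissions_for_scopes(token.scopes):
        return False, f"missing permission {needed}"
    if ctx.tenant_id not in token.contexts:
        return False, f"token is not valid for context {ctx.tenant_id}"
    if resource is not None:
        # Trackable resource: it may only be read or mutated from its own context.
        if resource.context != ctx:
            return False, "resource belongs to a different context"
        if policy.owner_only and resource.owner_id != token.sub:
            return False, "caller is not the owner of the resource"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample token: customer cust-42, both scopes, valid for tenant-a only.
    token = AccessToken("cust-42", frozenset({"PRODUCT", "CUSTOMER"}), frozenset({"tenant-a"}))
    ctx_a, ctx_b = ContextInfo("tenant-a"), ContextInfo("tenant-b")
    print(decide(token, Policy("PRODUCT", Operation.READ), ctx_a))
    print(decide(token, Policy("PRODUCT", Operation.READ), ctx_b))
    own_profile = TrackedResource(ctx_a, owner_id="cust-42")
    print(decide(token, Policy("CUSTOMER", Operation.UPDATE, owner_only=True), ctx_a, own_profile))
```

The checks are ordered so that the cheapest, claim-only tests (permission, context) run before the resource has to be loaded, and every branch returns a distinct reason so that a denial can be logged and audited without leaking which check passed to the caller.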

Typical Configuration and Extensions

The following section describes various configuration and extensions regarding security for the framework.