This commit is contained in:
ZhijunZhao 2017-08-31 11:48:33 +08:00 коммит произвёл GitHub
Родитель 37d5344d3a
Коммит f4e151462a
2 изменённых файлов: 7 добавлений и 3 удалений

Просмотреть файл

@ -17,11 +17,14 @@ This repo is for Spring Boot Starters of Azure services. It helps Spring Boot de
Below starters are available. You can find them in [Maven Central Repository](https://search.maven.org/).
- [azure-ad-integration-spring-boot-starter](activedirectory/azure-ad-integration-spring-boot-starter/README.md)
- [azure-cloud-foundry-service](cloudfoundry/azure-cloud-foundry-service/README.md)
- [azure-documentdb-spring-boot-starter](documentdb/azure-documentdb-spring-boot-starter/README.md)
- [azure-keyvault-secrets-spring-boot-starter](keyvault/azure-keyvault-secrets-spring-boot-starter/README.md)
- [azure-mediaservices-spring-boot-starter](mediaservices/azure-mediaservices-spring-boot-starter/README.md)
- [microsoft-graph-spring-social-starter](microsoft-graph/microsoft-graph-spring-social-starter-sample/README.md)
- [azure-servicebus-spring-boot-starter](servicebus/azure-servicebus-spring-boot-starter/README.md)
- [azure-storage-spring-boot-starter](storage/azure-storage-spring-boot-starter/README.md)
- [microsoft-graph-spring-social-starter](microsoft-graph/microsoft-graph-spring-social-starter-sample/README.md)
### How to Build and Contribute

Просмотреть файл

@ -13,8 +13,9 @@ List all the AAD groups `ActiveDirectoryGroups` that you want to have a Spring S
`azure.activedirectory.ActiveDirectoryGroups=group1,group2`
You can use `@PreAuthorize` annotation or `UserPrincipal` to manage access to web API based on user's group membership. You will need to change `ROLE_group1` to groups you want to allow to access the API or you will get "Access is denied".
##### Note: The sample retrieves user's group membership using Azure AD graph API which requires the registered app to have `Access the directory as the signed-in user` under `Delegated Permissions`. You need AAD admin privilege to be able to grant the permission in API ACCESS -> Required permission.
##### Note:
- The sample retrieves user's group membership using Azure AD graph API which requires the registered app to have `Access the directory as the signed-in user` under `Delegated Permissions`. You need AAD admin privilege to be able to grant the permission in API ACCESS -> Required permission.
- Add `http://localhost:8080` as one of the `Reply URLs` in the settings of your registered app.
#### Angular JS
In `app.js`, make following changes. The client leverages Azure AD library for JS to handle AAD authentication in single page application. The following snippet of code configures adal provider for your registered app.