Spring Security with Multi-Tenant Architecture
I wonder if anyone has worked with Spring Security with a Multi-Tenant architecture.
I am a little at a loss with this implementation and would like to explore some examples if possible.
Regards
In a multitasking application, authentication and authorization will need to capture the details of the tenant. Thus, in the request, you need to specify the details of the third tenant along with the username and password. You can have a custom UserDetailsService implementation that loads tenant data based on a web request. You need to keep UserDetails
loaded in your own UserDetails implementation . This will take care of the authentication.
You will need to make a code to use the tenant token for authorization. Depending on the type of authorization (database / JaaS / OAuth / Spring based security) you need to enhance this module and pass tenant data in order to use the tenant.