What is the easiest way to switch from jsession based authentication to a token based authentication with Azure AD and Spring security? The documentation is not clear on other approaches to authenticate with azure AD other than the default session based one.
I am trying to see how can I validate the jwt access token using azure AD. The default implementation works with session based authentication (which will not work in a system with multiple instances.) The session-stateless property mentioned in the doc doesn't seem to have any effect on the authentication.
Spring Cloud Azure integrate Spring Security with Azure Active Directory.
You could use
spring-cloud-azure-starter-active-directory
starter to integrate with Spring Security, please refer this sample to see how to use it.For further reading, please refer the Azure Active Directory dev guide, it covers these scenarios for you: