2FA enabled fallback authentication (using Spring Security)


Technologies & Solutions

Date and time

Monday, 11. October 2021., 15:00


Hall B



From time to time, legacy systems (A.K.A. the stuff that successfully runs the enterprise business world :)) need a breath of fresh air. One such system, running healthcare processes for a big Croatian hospital was in need of a fresh new authentication module. Now, this is a story all about how the system’s life got flipped-turned upside downAnd I liked to take a minute just sit right thereI'll tell you how it got a new auth module right out of thin air :)The current user/password auth module worked but had serio.., erm, some downsides. Also, the IT department did not want to introduce a full-fledged central auth solution (such as the fabulous Red Hat Keycloak), so we had to be creative. The request was simple - the primary auth method had to be 2FA (X509 on smartcards), and a fallback auth method had to be implemented (for the staff that does not have smartcards) - also 2FA enabled. As it turns out, with a bit of digging and setting up Spring Security in a certain way, the new auth module came to be in less than a week.

Lecture details

Talk Attendence: Attendance in person
Level of difficulty: Detailed
Desirable listeners function: Software Developer or Architect
Group of activity: Technologies & Solutions

About speaker


The conference is organized by the Croatian Association of Oracle users & Croatian Java Users Association. 

Like us on Facebook

We post news, photos and other interesting facts on official JavaCro Facebook Page.

Follow us on Twitter

Keep up to date with all the news on Twitter!

Zlatni pokrovitelj

Medijski pokrovitelji