I was able to migrate applications to Spring Boot 3 / Spring 6 (standalone or 
running on Tomcat 10) so long as authentication was NOT through Azure AD.

But when I tried to migrate applications that used Microsoft's 
spring-cloud-azure-starter-active-directory for authentication of 2-step 
authenticated webapps (the preferred approach) I started to get this error 
during application deploy to Tomcat 10:

Cannot cast ch.qos.logback.classic.servlet.LogbackServletContainerInitializer 
to jakarta.servlet.ServletContainerInitializer


My suspicion is that Microsoft's latest implementation is not compatible with 
Tomcat's approach to support log4j logging (as far as I know the approach has 
been around since at least Tomcat 9).  But of course I could be wrong.   Has 
anybody had any success?  Was there any trick to migrating to Spring Boot 3 / 
Spring 6 / Tomcat 10 with 2-step authentication and authorization using Azure 
AD?



NOTE:  I did succeed with 2-step auth with Azure AD when I dropped the 
Microsoft spring-cloud-azure-starter-active-directory dependency and instead 
used the raw OAuth2 approach to connect to Azure AD.  The problem though is 
that roles defined in Azure are not coming through to the GrantedAuthorities of 
the SecurityContext or Principal.  I know I could extract the UPN from the 
Principal and then define the AD Groups in the on-premises AD instead of Azure 
AD, but that would require code changes and, what is worse, it would make me 
hostage to the availability of the sysadmins who manage our on-premises AD... 
meaning weeks of delay for new AD groups.  It is a hack that I'd rather not use 
if Azure authorization can be made to work properly.

Any other advice will be welcome too.

Thanks.
