diff --git a/beer-catalog-service/pom.xml b/beer-catalog-service/pom.xml index c7c54c9..21e8174 100644 --- a/beer-catalog-service/pom.xml +++ b/beer-catalog-service/pom.xml @@ -24,24 +24,9 @@ 1.8 Dalston.RELEASE 1.56 - 1.0.0 - - - org.juiser - juiser-spring-boot-starter - ${juiser.version} - - - - org.bouncycastle - bcpkix-jdk15on - ${bouncycastle.version} - runtime - org.springframework.boot spring-boot-starter-security @@ -54,6 +39,14 @@ org.springframework.security spring-security-web + + org.springframework.security.oauth + spring-security-oauth2 + + + org.springframework.security + spring-security-jwt + org.springframework.boot spring-boot-starter-actuator diff --git a/beer-catalog-service/src/main/java/com/example/HomeController.java b/beer-catalog-service/src/main/java/com/example/HomeController.java index 88090bf..01357b5 100644 --- a/beer-catalog-service/src/main/java/com/example/HomeController.java +++ b/beer-catalog-service/src/main/java/com/example/HomeController.java @@ -1,21 +1,24 @@ package com.example; -import org.juiser.model.User; +import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.GetMapping; +import java.security.Principal; +import java.util.Map; + @Controller public class HomeController { - private final User user; - - public HomeController(User user) { - this.user = user; + public HomeController() { } @GetMapping("/home") - public String howdy(Model model) { + @SuppressWarnings("unchecked") + public String howdy(Model model, Principal principal) { + OAuth2Authentication authentication = (OAuth2Authentication) principal; + Map user = (Map) authentication.getUserAuthentication().getDetails(); model.addAttribute("user", user); return "home"; } 
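Review bot: In `HomeController.howdy` the new code casts `principal` straight to `OAuth2Authentication` and then dereferences `getUserAuthentication()`, with no check on either. A request that reaches `/home` with no principal, with another `Authentication` type, or with a client-only token (where the user authentication is null) ends in a NullPointerException or ClassCastException and a 500 instead of a clean rejection. Guard with `principal instanceof OAuth2Authentication` and a null check on `getUserAuthentication()` before reading the details. The whole user-info map is also placed in the model; copying only the claims the template renders into a `Map<String, Object>` would narrow what the view can expose and remove the need for `@SuppressWarnings("unchecked")`.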
diff --git a/beer-catalog-service/src/main/java/com/example/ResourceServerConfig.java b/beer-catalog-service/src/main/java/com/example/ResourceServerConfig.java
new file mode 100644
index 0000000..dbeca6f
--- /dev/null
+++ b/beer-catalog-service/src/main/java/com/example/ResourceServerConfig.java
@@ -0,0 +1,20 @@
+package com.example;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+import org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher;
+
+@Configuration
+@EnableResourceServer
+public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
+
+ @Override
+ public void configure(HttpSecurity http) throws Exception {
+ http
+ .requestMatcher(new RequestHeaderRequestMatcher("Authorization"))
+ .authorizeRequests().anyRequest().fullyAuthenticated();
+ }
+
+}
\ No newline at end of file
diff --git a/beer-catalog-service/src/main/resources/application.properties b/beer-catalog-service/src/main/resources/application.properties
index 6d66c9d..00cc0d7 100644
--- a/beer-catalog-service/src/main/resources/application.properties
+++ b/beer-catalog-service/src/main/resources/application.properties
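Review bot: `requestMatcher(new RequestHeaderRequestMatcher("Authorization"))` in `ResourceServerConfig.configure` limits this resource-server chain to requests that carry an Authorization header, so a request without the header is never evaluated by `fullyAuthenticated()`. Together with `security.basic.enabled=false`, added to this service's application.properties in the same commit, the diff does not show which filter chain, if any, covers header-less requests; please confirm they are rejected rather than passed through unauthenticated. If the service is only ever called with bearer tokens, dropping the matcher is the simpler and safer form: `http.authorizeRequests().anyRequest().fullyAuthenticated();`. The same matcher appears in edge-service's `ResourceServerConfiguration`, where `@EnableOAuth2Sso` presumably picks up the remaining requests; a short comment there stating that intent would help.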
@@ -1,3 +1,12 @@ spring.application.name=beer-catalog-service -server.use-forward-headers=true -juiser.header.jwt.key.resource=classpath:rsatest.pub.pem \ No newline at end of file + +security.basic.enabled=false +security.oauth2.client.access-token-uri=http://localhost:9080/auth/realms/jhipster/protocol/openid-connect/token +security.oauth2.client.user-authorization-uri=http://localhost:9080/auth/realms/jhipster/protocol/openid-connect/auth +security.oauth2.client.client-id=web_app +security.oauth2.client.client-secret=web_app +security.oauth2.client.scope=openid profile email +security.oauth2.resource.filter-order=3 +security.oauth2.resource.user-info-uri=http://localhost:9080/auth/realms/jhipster/protocol/openid-connect/userinfo +security.oauth2.resource.token-info-uri=http://localhost:9080/auth/realms/jhipster/protocol/openid-connect/token/introspect +security.oauth2.resource.prefer-token-info=false \ No newline at end of file diff --git a/beer-catalog-service/src/main/resources/logback-spring.xml b/beer-catalog-service/src/main/resources/logback-spring.xml new file mode 100644 index 0000000..b359af8 --- /dev/null +++ b/beer-catalog-service/src/main/resources/logback-spring.xml @@ -0,0 +1,17 @@ + + + + + + + + + + + + + + true + + + diff --git a/beer-catalog-service/src/main/resources/rsatest.pub.pem b/beer-catalog-service/src/main/resources/rsatest.pub.pem deleted file mode 100644 index 84cd3fb..0000000 --- a/beer-catalog-service/src/main/resources/rsatest.pub.pem +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9K1RO7ABH1CdCDflO/V2 -JesfKGRDdeuyJQe4OqkTHR1LOcLPKrCrnu+zYf1cLxemwgcbRY3RQAwJsMXNVT90 -kA2zfa4BgtGucckS1yTDTrrgQhFst16fw+fNQLvuGHRY5xshV9wrFXDsX71GHKXo -A2QhBPtSGw1yiYfPtDwOvQ9jxBQkxVJ6YsCk9nqoU5oSIsA0rRC995RAoNqo1DAj -X5OhPqaOg2+3y6fV8fGI+xprEmv1owFiq/NFY5PtyOn8W0jSsIKLDPSogzYfeAR+ -Ryw0iSl5rHmLeEn16oy1aeKsApg1CkGTXOY7VyH0PsziTuLlOufZ1HyuGPUv7hQe -UwIDAQAB ------END PUBLIC KEY----- 
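Review bot: `security.oauth2.client.client-secret=web_app` commits the OAuth2 client secret to the repository, and the value is identical to the client id, so it offers no real confidentiality once this configuration is reused outside a local demo. Resolve it from the environment instead, for example `security.oauth2.client.client-secret=${OAUTH2_CLIENT_SECRET}` (the variable name here is a placeholder). The token, userinfo and introspection endpoints are all plain `http://localhost:9080`; a comment such as `# local development only: use https endpoints in any shared environment` would make that limit explicit. The same secret and endpoints are added to edge-service's application.properties.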
diff --git a/beer-catalog-service/src/main/resources/templates/home.html b/beer-catalog-service/src/main/resources/templates/home.html index 6cc74ae..0c5a15a 100644 --- a/beer-catalog-service/src/main/resources/templates/home.html +++ b/beer-catalog-service/src/main/resources/templates/home.html @@ -31,11 +31,11 @@ -

Hello Joe!

-
+

Hello Joe!

+ -
+
@@ -51,92 +51,32 @@

User Properties

- anonymous - - - - authenticated - - - - href - - - - id - + sub + name - givenName - - - - middleName - - - - familyName - - - - nickname - - - - username - - - - profile - + given_name + - picture - + family_name + - website - + preferred_username + email - emailVerified - - - - gender - - - - birthdate - - - - zoneInfo - - - - phoneNumber - - - - phoneNumberVerified - - - - createdAt - - - - updatedAt - + roles + diff --git a/client/src/app/shared/okta/okta.service.ts b/client/src/app/shared/okta/okta.service.ts index c892fea..c0df8d5 100644 --- a/client/src/app/shared/okta/okta.service.ts +++ b/client/src/app/shared/okta/okta.service.ts @@ -8,7 +8,7 @@ export class OktaService { constructor() { this.widget = new OktaSignIn({ baseUrl: 'https://dev-158606.oktapreview.com', - clientId: 'MjlYvTtFW26gOoOAHKOz', + clientId: '0oac1m42hrA5FthoW0h7', authParams: { issuer: 'default', responseType: ['id_token', 'token'], diff --git a/edge-service/pom.xml b/edge-service/pom.xml index 1582583..3796fa4 100644 --- a/edge-service/pom.xml +++ b/edge-service/pom.xml @@ -38,6 +38,18 @@ org.springframework.cloud spring-cloud-starter-hystrix + + org.springframework.boot + spring-boot-starter-security + + + org.springframework.security.oauth + spring-security-oauth2 + + + org.springframework.security + spring-security-jwt + org.springframework.cloud spring-cloud-starter-zuul @@ -50,21 +62,21 @@ org.springframework.boot spring-boot-starter-web - org.projectlombok lombok true - - com.stormpath.spring - stormpath-zuul-spring-cloud-starter - org.springframework.boot spring-boot-starter-test test + + org.springframework.cloud + spring-cloud-security + 1.2.2.BUILD-SNAPSHOT + @@ -76,13 +88,6 @@ pom import - - com.stormpath.sdk - stormpath-bom - 2.0.4-okta - pom - import - diff --git a/edge-service/src/main/java/com/example/EdgeServiceApplication.java b/edge-service/src/main/java/com/example/EdgeServiceApplication.java index e8c9d97..ccf4c93 100644 
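Review bot: In edge-service/pom.xml the added `spring-cloud-security` dependency is pinned to `1.2.2.BUILD-SNAPSHOT`, a moving snapshot rather than a release. The artifact can change between builds without any change in this repository, so the build is not reproducible and depends on whatever the snapshot repository serves at resolve time, which matters more for a library that sits in the authentication path. The other security dependencies added in this hunk carry no explicit version, so a release version managed by the imported BOM looks possible here too (the XML tags are not visible in this extract, so please verify). If the snapshot is required for a specific fix, add a comment naming the issue and when it can be replaced.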
--- a/edge-service/src/main/java/com/example/EdgeServiceApplication.java +++ b/edge-service/src/main/java/com/example/EdgeServiceApplication.java 
@@ -2,30 +2,38 @@ import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import com.netflix.hystrix.contrib.javanica.annotation.HystrixProperty; -import com.stormpath.sdk.servlet.account.AccountStringResolver; -import com.stormpath.sdk.servlet.http.Resolver; import feign.RequestInterceptor; import lombok.Data; -import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso; +import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.cloud.client.circuitbreaker.EnableCircuitBreaker; import org.springframework.cloud.client.discovery.EnableDiscoveryClient; import org.springframework.cloud.netflix.feign.EnableFeignClients; import org.springframework.cloud.netflix.feign.FeignClient; import org.springframework.cloud.netflix.zuul.EnableZuulProxy; import org.springframework.context.annotation.Bean; +import org.springframework.core.Ordered; import org.springframework.hateoas.Resources; -import org.springframework.web.bind.annotation.*; +import org.springframework.http.HttpRequest; +import org.springframework.web.bind.annotation.CrossOrigin; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.cors.CorsConfiguration; +import org.springframework.web.cors.UrlBasedCorsConfigurationSource; +import org.springframework.web.filter.CorsFilter; import java.util.ArrayList; import java.util.Collection; +import java.util.Collections; import java.util.stream.Collectors; @EnableFeignClients @EnableCircuitBreaker @EnableDiscoveryClient @EnableZuulProxy +@EnableOAuth2Sso @SpringBootApplication public class EdgeServiceApplication { 
@@ -34,9 +42,17 @@ public static void main(String[] args) { } @Bean - public RequestInterceptor forwardedAccountRequestInterceptor( - @Qualifier("stormpathForwardedAccountHeaderValueResolver") Resolver accountStringResolver) { - return new ForwardedAccountRequestInterceptor(accountStringResolver); + public FilterRegistrationBean simpleCorsFilter() { + UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); + CorsConfiguration config = new CorsConfiguration(); + config.setAllowCredentials(true); + config.setAllowedOrigins(Collections.singletonList("http://localhost:4200")); + config.setAllowedMethods(Collections.singletonList("*")); + config.setAllowedHeaders(Collections.singletonList("*")); + source.registerCorsConfiguration("/**", config); + FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source)); + bean.setOrder(Ordered.HIGHEST_PRECEDENCE); + return bean; } } @@ -65,9 +81,7 @@ public Collection fallback() { return new ArrayList<>(); } - @HystrixCommand(fallbackMethod = "fallback", commandProperties = { - @HystrixProperty(name="execution.isolation.strategy", value="SEMAPHORE") - }) + @HystrixCommand(fallbackMethod = "fallback") @GetMapping("/good-beers") @CrossOrigin(origins = "*") public Collection goodBeers() { diff --git a/edge-service/src/main/java/com/example/ForwardedAccountRequestInterceptor.java b/edge-service/src/main/java/com/example/ForwardedAccountRequestInterceptor.java deleted file mode 100644 index cc3a9ac..0000000 --- a/edge-service/src/main/java/com/example/ForwardedAccountRequestInterceptor.java +++ /dev/null 
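Review bot: `simpleCorsFilter` combines `setAllowCredentials(true)` with wildcard methods and headers and hard-codes the one allowed origin, `http://localhost:4200`, in code. The credentialed policy should be as narrow as the client needs and the origin should come from configuration, so a deployment cannot ship with the development origin or be widened by a casual code edit. For example, list the methods the Angular client actually uses, `config.setAllowedMethods(Arrays.asList("GET", "POST", "OPTIONS"));`, and inject the origin list from a property. The unchanged `@CrossOrigin(origins = "*")` on `goodBeers()` now contradicts this filter-level policy and is worth removing so there is a single source of truth for CORS. The `HttpRequest` import added in the first hunk and the remaining `HystrixProperty` import look unused after this change.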
@@ -1,36 +0,0 @@ -package com.example; - -import com.stormpath.sdk.servlet.http.Resolver; -import com.stormpath.zuul.account.ForwardedAccountHeaderFilter; -import feign.RequestInterceptor; -import feign.RequestTemplate; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -public class ForwardedAccountRequestInterceptor implements RequestInterceptor { - - private static final Logger LOGGER = LoggerFactory.getLogger(ForwardedAccountRequestInterceptor.class); - - private final Resolver valueResolver; - - public ForwardedAccountRequestInterceptor(Resolver accountStringResolver) { - this.valueResolver = accountStringResolver; - } - - @Override - public void apply(RequestTemplate template) { - if (template.headers().containsKey(ForwardedAccountHeaderFilter.DEFAULT_HEADER_NAME)) { - LOGGER.warn("The X-Forwarded-User has been already set"); - } else { - LOGGER.debug("Constructing Header {} for Account", ForwardedAccountHeaderFilter.DEFAULT_HEADER_NAME); - HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest(); - HttpServletResponse response = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getResponse(); - template.header(ForwardedAccountHeaderFilter.DEFAULT_HEADER_NAME, valueResolver.get(request, response)); - } - } -} \ No newline at end of file diff --git a/edge-service/src/main/java/com/example/OAuth2UserClientFeignConfiguration.java b/edge-service/src/main/java/com/example/OAuth2UserClientFeignConfiguration.java new file mode 100644 index 0000000..e128347 --- /dev/null +++ b/edge-service/src/main/java/com/example/OAuth2UserClientFeignConfiguration.java 
@@ -0,0 +1,14 @@
+package com.example;
+
+import feign.RequestInterceptor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class OAuth2UserClientFeignConfiguration {
+
+ @Bean
+ public RequestInterceptor getUserFeignClientInterceptor() {
+ return new UserFeignClientInterceptor();
+ }
+}
\ No newline at end of file
diff --git a/edge-service/src/main/java/com/example/ResourceServerConfiguration.java b/edge-service/src/main/java/com/example/ResourceServerConfiguration.java
new file mode 100644
index 0000000..6eeb2a3
--- /dev/null
+++ b/edge-service/src/main/java/com/example/ResourceServerConfiguration.java
@@ -0,0 +1,20 @@
+package com.example;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+import org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher;
+
+@Configuration
+@EnableResourceServer
+public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
+
+ @Override
+ public void configure(HttpSecurity http) throws Exception {
+ http
+ .requestMatcher(new RequestHeaderRequestMatcher("Authorization"))
+ .authorizeRequests()
+ .antMatchers("/**").authenticated();
+ }
+}
\ No newline at end of file
diff --git a/edge-service/src/main/java/com/example/UserFeignClientInterceptor.java b/edge-service/src/main/java/com/example/UserFeignClientInterceptor.java
new file mode 100644
index 0000000..7ee7c50
--- /dev/null
+++ b/edge-service/src/main/java/com/example/UserFeignClientInterceptor.java
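Review bot: `OAuth2UserClientFeignConfiguration.getUserFeignClientInterceptor()` registers a second `UserFeignClientInterceptor` bean, because the class added in the same commit is already annotated `@Component` in the same `com.example` package. If both are picked up, Feign would apply the interceptor twice, and since `template.header(...)` appends values the outgoing request would likely carry the Authorization value twice, which downstream token parsing may reject. Keep one registration: either remove `@Component` from `UserFeignClientInterceptor` or delete this `@Bean` method. Whichever stays, a one-line Javadoc such as `/** Forwards the caller's OAuth2 access token on Feign requests. */` would document why the bean exists.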
@@ -0,0 +1,26 @@ +package com.example; + +import feign.RequestInterceptor; +import feign.RequestTemplate; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContext; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails; +import org.springframework.stereotype.Component; + +@Component +public class UserFeignClientInterceptor implements RequestInterceptor { + private static final String AUTHORIZATION_HEADER = "Authorization"; + private static final String BEARER_TOKEN_TYPE = "Bearer"; + + @Override + public void apply(RequestTemplate template) { + SecurityContext securityContext = SecurityContextHolder.getContext(); + Authentication authentication = securityContext.getAuthentication(); + + if (authentication != null && authentication.getDetails() instanceof OAuth2AuthenticationDetails) { + OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) authentication.getDetails(); + template.header(AUTHORIZATION_HEADER, String.format("%s %s", BEARER_TOKEN_TYPE, details.getTokenValue())); + } + } +} \ No newline at end of file diff --git a/edge-service/src/main/resources/application.properties b/edge-service/src/main/resources/application.properties index d5d889f..4102267 100644 --- a/edge-service/src/main/resources/application.properties +++ b/edge-service/src/main/resources/application.properties @@ -1,6 +1,5 @@ spring.application.name=edge-service server.port=8081 -server.use-forward-headers=true zuul.routes.beer-catalog-service.path=/beers zuul.routes.beer-catalog-service.url=http://localhost:8080 
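Review bot: `UserFeignClientInterceptor.apply` attaches the caller's access token to every Feign request in the application, because the interceptor is registered as a global bean rather than per client. That is fine while the only Feign target is the internal beer-catalog-service, but any client later added for an external host would receive user bearer tokens too. Scope it through the `configuration` attribute of the `@FeignClient` that needs it, and add a class comment stating that the token must only be forwarded to trusted internal services. The scheme is also hard-coded as `"Bearer"`; `details.getTokenType()` is available on `OAuth2AuthenticationDetails` and keeps the header consistent with the token that was actually presented.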
@@ -8,9 +7,17 @@ zuul.routes.beer-catalog-service.url=http://localhost:8080 zuul.routes.home.path=/home zuul.routes.home.url=http://localhost:8080 -stormpath.web.cors.allowed.originUris=http://localhost:4200 +security.oauth2.client.access-token-uri=http://localhost:9080/auth/realms/jhipster/protocol/openid-connect/token +security.oauth2.client.user-authorization-uri=http://localhost:9080/auth/realms/jhipster/protocol/openid-connect/auth +security.oauth2.client.client-id=web_app +security.oauth2.client.client-secret=web_app +security.oauth2.client.client-authentication-scheme=form +security.oauth2.client.scope=openid profile email +security.oauth2.resource.filter-order=3 +security.oauth2.resource.user-info-uri=http://localhost:9080/auth/realms/jhipster/protocol/openid-connect/userinfo +security.oauth2.resource.token-info-uri=http://localhost:9080/auth/realms/jhipster/protocol/openid-connect/token/introspect +security.oauth2.resource.prefer-token-info=false -stormpath.zuul.account.header.jwt.key.resource=classpath:rsatest.priv.pem -# this is just one example of a key id - anything that the origin server can make sense of to lookup -# the corresponding public key is fine. Here we use the public key file name. -stormpath.zuul.account.header.jwt.key.id=rsatest.pub.pem \ No newline at end of file +# See https://github.com/spring-cloud/spring-cloud-netflix/issues/1330 +feign.hystrix.enabled=true +hystrix.shareSecurityContext=true \ No newline at end of file diff --git a/edge-service/src/main/resources/logback-spring.xml b/edge-service/src/main/resources/logback-spring.xml new file mode 100644 index 0000000..b359af8 --- /dev/null +++ b/edge-service/src/main/resources/logback-spring.xml @@ -0,0 +1,17 @@ + + + + + + + + + + + + + + true + + + diff --git a/edge-service/src/main/resources/rsatest.priv.pem b/edge-service/src/main/resources/rsatest.priv.pem deleted file mode 100644 index 37be78c..0000000 --- a/edge-service/src/main/resources/rsatest.priv.pem +++ /dev/null 
@@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEA9K1RO7ABH1CdCDflO/V2JesfKGRDdeuyJQe4OqkTHR1LOcLP -KrCrnu+zYf1cLxemwgcbRY3RQAwJsMXNVT90kA2zfa4BgtGucckS1yTDTrrgQhFs -t16fw+fNQLvuGHRY5xshV9wrFXDsX71GHKXoA2QhBPtSGw1yiYfPtDwOvQ9jxBQk -xVJ6YsCk9nqoU5oSIsA0rRC995RAoNqo1DAjX5OhPqaOg2+3y6fV8fGI+xprEmv1 -owFiq/NFY5PtyOn8W0jSsIKLDPSogzYfeAR+Ryw0iSl5rHmLeEn16oy1aeKsApg1 -CkGTXOY7VyH0PsziTuLlOufZ1HyuGPUv7hQeUwIDAQABAoIBAQCJEou+v4Rxcaz3 -jLDcnU/6QDVtYHY2mrtraV65ZjzyA5ZAHrYGuYD8AldhXxoEu+BNNMP/fEqs8dF/ -+eBlkK4Rgct7bj8kdamfz0DBzLOp6KF4AeEA/X7Nto/TYzUo+A1SM23DlfGBCokx -vYyIwh0vwSmKa+18gFUZXT9sPnUXTm5jrfrXpRDyHyk7Kc7+2MAUkypoR9b9Qkmv -JVmDT6UJtWqOxAx+xanK475IZoz6rC5WLffQ+oDrOToJO6FMnB6jh1vuPpkaMZ4r -vqmhSAMIqFy3F4gf3IYUCLehz68NSvrcdz136tIxfIdBUtB6eONpcO8RtbqtJygX -xENgPXfBAoGBAP7GU73H3piA1U+QeszxfOGmxnPQ6SrwRsyc+kPd90fi59pRQeFS -dXOZfDNiWOUREx4QUB9WGnuvNqmOHV975psr+y1sgZW0+azIwgvhyGOdGZ+jxU6W -fDRJbpDiMpP6ywWQtQn4mPXZUreFL1m9Ix1kCySoHS30NsTpgsx9rMihAoGBAPXa -juLTlvNXNIB645+qRL7ggx8Hd4Gza3+mQT1U7iEZZ9AhQic6PHQfONqZUwCEHZB5 -DXsCFyWIm0x2EqtVSzPy5kJcl67oW4mnVCOm9SfNlqBrLGD5frRBufME/vxBjc6n -JMKcZ6ocgkCjzy8ZIIHC/eckOJ67xcXwclh5fz5zAoGAYcY9FwUgYQh4VHuPFR3M -HlFBserHwQnLMfVAelEx+C2VawxqKw3ZM08BAjtJAEfoPU5nYU9LBJJ+eN2oWh+T -pZNgZtNQe+KjOvMkvSieHdSJo+FW9Ez+R5ayzvlwDahex7j8MWJtWVRY0UNUo6zZ -UAs3146I/DzP1AwFfXLxn2ECgYBsYYQZ9IMYFTp85S/RZENYDitfk3AYilr6c/VQ -r08m4kdEllTObDrYSidLHspbcOKDnQnXT02a60TjCS4jv78eUJc3bBAmOCKaZVyP -NvveJyCe6YAv4+z6U/tAadRqqg90qXRoIoEEmfrFujEMpzwQWECMFAit2UNPhjcy -T6VLhwKBgQD7xpcvkDjx5UKzB5/yybcPSUipPaQl8gAPLV3kjDluF49eDPMu+afb -GLpheRkIpWfrCesYoBoJdb/CngiJ4sDaMncQRnGSmGjrZU9lBGN7UvaEDbJhZvej -S5RJw6iMo1PLd+ikOaFTpbsFt89l8x00A7fQu1fqmvg6CQd+gIQDtg== ------END RSA PRIVATE KEY----- diff --git a/edge-service/src/main/resources/rsatest.pub.pem b/edge-service/src/main/resources/rsatest.pub.pem deleted file mode 100644 index 84cd3fb..0000000 --- a/edge-service/src/main/resources/rsatest.pub.pem +++ /dev/null 
@@ -1,9 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9K1RO7ABH1CdCDflO/V2 -JesfKGRDdeuyJQe4OqkTHR1LOcLPKrCrnu+zYf1cLxemwgcbRY3RQAwJsMXNVT90 -kA2zfa4BgtGucckS1yTDTrrgQhFst16fw+fNQLvuGHRY5xshV9wrFXDsX71GHKXo -A2QhBPtSGw1yiYfPtDwOvQ9jxBQkxVJ6YsCk9nqoU5oSIsA0rRC995RAoNqo1DAj -X5OhPqaOg2+3y6fV8fGI+xprEmv1owFiq/NFY5PtyOn8W0jSsIKLDPSogzYfeAR+ -Ryw0iSl5rHmLeEn16oy1aeKsApg1CkGTXOY7VyH0PsziTuLlOufZ1HyuGPUv7hQe -UwIDAQAB ------END PUBLIC KEY-----