当Auth服务器和资源服务器位于Spring Boot中同一台服务器上时，需要“访问此资源需要完全身份验证”(Getting “Full authentication is required to a

编程入门行业动态更新时间:2024-10-27 13:34:08

当Auth服务器和资源服务器位于Spring Boot中同一台服务器上时，需要“访问此资源需要完全身份验证”(Getting “Full authentication is required to access this resource” when Auth Server and Resource server in same server in Spring Boot)

我将Authorization Server和Resource Server保存在同一台服务器上。以下是我的安全配置，

@Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true) @EnableResourceServer public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired @Qualifier("userDetailsService") private UserDetailsService userDetailsService; @Override public void configure(HttpSecurity http) throws Exception { http.formLogin().and().httpBasic().disable().anonymous().disable().authorizeRequests().anyRequest() .authenticated(); } @Override public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); } }

我试图实现'authorization_code'授予类型并获取错误。密码授权类型没有问题

如果我的资源服务器是独立的，它工作正常，但当我在同一台服务器上时，它永远不会工作。基本上，当我没有'@EnableResourceServer'通知时，OAuth登录页面显示完美。但是当我有注释时，获取“完全身份验证才能访问此资源”错误。我尝试了多种配置以允许“/ login”URL。但没有运气。

I keep Authorization Server and Resource Server in same server. Below is my security configuration,

Im trying to implement 'authorization_code' grant type and getting the error. There is no issues in password grant type

It works fine if I have resource server as separate, But It never works when I both in same server. Basically OAuth login page is displaying perfectly when I don't have '@EnableResourceServer' annoation. But getting "Full authentication is required to access this resource" error when I have the annotation. I tried multiple configurations to allow "/login" URL. but no luck.

最满意答案

使ResourceServerConfiguration如下所示：

@Configuration 
@EnableResourceServer 
public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter {

    private static final String RESOURCE_ID = "restservice";

    @Autowired
    DataSource dataSource;

    @Autowired
    @Qualifier("oauthTokenStore")
    private TokenStore tokenStore;

    @Override
    public void configure(@NotNull ResourceServerSecurityConfigurer resources) {
        resources.resourceId(RESOURCE_ID);
    }

    @Override
    public void configure(@NotNull HttpSecurity http) throws Exception {

        http
            .requestMatchers()
                .antMatchers("/**")
                .and()
            .authorizeRequests()
                .antMatchers("/**").access("#oauth2.hasScope('read')")
                .and()
            .exceptionHandling()
            .accessDeniedHandler(new OAuth2AccessDeniedHandler());
    }
}
Make a ResourceServerConfiguration something like this: 
@Configuration 
@EnableResourceServer 
public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter {

    private static final String RESOURCE_ID = "restservice";

    @Autowired
    DataSource dataSource;

    @Autowired
    @Qualifier("oauthTokenStore")
    private TokenStore tokenStore;

    @Override
    public void configure(@NotNull ResourceServerSecurityConfigurer resources) {
        resources.resourceId(RESOURCE_ID);
    }

    @Override
    public void configure(@NotNull HttpSecurity http) throws Exception {

        http
            .requestMatchers()
                .antMatchers("/**")
                .and()
            .authorizeRequests()
                .antMatchers("/**").access("#oauth2.hasScope('read')")
                .and()
            .exceptionHandling()
            .accessDeniedHandler(new OAuth2AccessDeniedHandler());
    }
}

更多推荐

本文发布于:2023-08-05 18:30:00，感谢您对本站的认可！

本文链接:https://www.elefans.com/category/jswz/34/1436689.html