我将Authorization Server和Resource Server保存在同一台服务器上。 以下是我的安全配置,
@Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true) @EnableResourceServer public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired @Qualifier("userDetailsService") private UserDetailsService userDetailsService; @Override public void configure(HttpSecurity http) throws Exception { http.formLogin().and().httpBasic().disable().anonymous().disable().authorizeRequests().anyRequest() .authenticated(); } @Override public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); } }我试图实现'authorization_code'授予类型并获取错误。 密码授权类型没有问题
如果我的资源服务器是独立的,它工作正常,但当我在同一台服务器上时,它永远不会工作。 基本上,当我没有'@EnableResourceServer'通知时,OAuth登录页面显示完美。 但是当我有注释时,获取“完全身份验证才能访问此资源”错误。 我尝试了多种配置以允许“/ login”URL。 但没有运气。
I keep Authorization Server and Resource Server in same server. Below is my security configuration,
@Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true) @EnableResourceServer public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired @Qualifier("userDetailsService") private UserDetailsService userDetailsService; @Override public void configure(HttpSecurity http) throws Exception { http.formLogin().and().httpBasic().disable().anonymous().disable().authorizeRequests().anyRequest() .authenticated(); } @Override public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); } }Im trying to implement 'authorization_code' grant type and getting the error. There is no issues in password grant type
It works fine if I have resource server as separate, But It never works when I both in same server. Basically OAuth login page is displaying perfectly when I don't have '@EnableResourceServer' annoation. But getting "Full authentication is required to access this resource" error when I have the annotation. I tried multiple configurations to allow "/login" URL. but no luck.
最满意答案
使ResourceServerConfiguration如下所示:
@Configuration @EnableResourceServer public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter { private static final String RESOURCE_ID = "restservice"; @Autowired DataSource dataSource; @Autowired @Qualifier("oauthTokenStore") private TokenStore tokenStore; @Override public void configure(@NotNull ResourceServerSecurityConfigurer resources) { resources.resourceId(RESOURCE_ID); } @Override public void configure(@NotNull HttpSecurity http) throws Exception { http .requestMatchers() .antMatchers("/**") .and() .authorizeRequests() .antMatchers("/**").access("#oauth2.hasScope('read')") .and() .exceptionHandling() .accessDeniedHandler(new OAuth2AccessDeniedHandler()); } }Make a ResourceServerConfiguration something like this:
@Configuration @EnableResourceServer public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter { private static final String RESOURCE_ID = "restservice"; @Autowired DataSource dataSource; @Autowired @Qualifier("oauthTokenStore") private TokenStore tokenStore; @Override public void configure(@NotNull ResourceServerSecurityConfigurer resources) { resources.resourceId(RESOURCE_ID); } @Override public void configure(@NotNull HttpSecurity http) throws Exception { http .requestMatchers() .antMatchers("/**") .and() .authorizeRequests() .antMatchers("/**").access("#oauth2.hasScope('read')") .and() .exceptionHandling() .accessDeniedHandler(new OAuth2AccessDeniedHandler()); } }
更多推荐
发布评论