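I am using Mule CE and need to implement token-based security using OAuth2 (preferably). I have configured the authorization server and I do see the default mappings in the log file, but nothing happens when I send a message to "/oauth/token".
A similar OAuth2 configuration works with Spring/Tomcat when deployed on Tomcat as a standalone Spring web service application.
Here is my Mule configuration: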
<mule xmlns:mulexml="http://www.mulesoft.org/schema/mule/xml"
xmlns:https="http://www.mulesoft.org/schema/mule/https" xmlns:jersey="http://www.mulesoft.org/schema/mule/jersey"
xmlns:http="http://www.mulesoft.org/schema/mule/http" xmlns="http://www.mulesoft.org/schema/mule/core"
xmlns:doc="http://www.mulesoft.org/schema/mule/documentation" xmlns:vm="http://www.mulesource.org/schema/mule/vm/2.0"
xmlns:spring="http://www.springframework.org/schema/beans" version="CE-3.3.1"
xmlns:mule-ss="http://www.mulesoft.org/schema/mule/spring-security"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context" xmlns:ss="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
xmlns:pattern="http://www.mulesoft.org/schema/mule/pattern" xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
http://www.mulesoft.org/schema/mule/xml http://www.mulesoft.org/schema/mule/xml/current/mule-xml.xsd
http://www.mulesoft.org/schema/mule/xml
http://www.mulesoft.org/schema/mule/xml/3.3/mule-xml.xsd
http://www.mulesoft.org/schema/mule/http
http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-current.xsd
http://www.mulesoft.org/schema/mule/core
http://www.mulesoft.org/schema/mule/core/current/mule.xsd
http://www.mulesoft.org/schema/mule/https
http://www.mulesoft.org/schema/mule/https/current/mule-https.xsd
http://www.mulesoft.org/schema/mule/jersey
http://www.mulesoft.org/schema/mule/jersey/current/mule-jersey.xsd
http://www.mulesoft.org/schema/mule/spring-security
http://www.mulesoft.org/schema/mule/spring-security/3.3/mule-spring-security.xsd
http://www.springframework.org/schema/security/oauth2
http://www.springframework.org/schema/security/spring-security-oauth2-1.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd
http://www.mulesoft.org/schema/mule/pattern
http://www.mulesoft.org/schema/mule/pattern/3.3/mule-pattern.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd ">
<mule-ss:security-manager>
<mule-ss:delegate-security-provider
name="memory-provider" delegate-ref="authenticationManager" />
</mule-ss:security-manager>
<spring:beans>
<ss:authentication-manager alias="authenticationManager">
<ss:authentication-provider ref="myAuthenticationProvider" />
</ss:authentication-manager>
<oauth:client-details-service id="clientDetailsService">
<oauth:client client-id="admin"
authorized-grant-types="password,authorization_code,refresh_token,implicit,client_credentials"
authorities="ROLE_USER, ROLE_TRUSTED_CLIENT" scope="read,write,trust"
access-token-validity="60" />
</oauth:client-details-service>
<oauth:authorization-server
client-details-service-ref="clientDetailsService" token-services-ref="tokenServices">
<oauth:authorization-code />
<oauth:implicit />
<oauth:refresh-token />
<oauth:client-credentials />
<oauth:password />
</oauth:authorization-server>
</spring:beans>
<spring:beans>
<mvc:annotation-driven />
<spring:bean id="myAuthenticationProvider"
class="com.sachin.tech.security.MyUserAuthenticationProvider" />
<spring:bean id="oauthAuthenticationEntryPoint"
class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
<spring:property name="realmName" value="myCustomerAppRealm" />
</spring:bean>
<spring:bean id="oauth2AccessDeniedHandler"
class="org.springframework.security.web.access.AccessDeniedHandlerImpl" />
<spring:bean id="clientCredentialsTokenEndpointFilter"
class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
<spring:property name="authenticationManager" ref="authenticationManager" />
</spring:bean>
<spring:bean id="tokenStore"
class="org.springframework.security.oauth2.provider.token.InMemoryTokenStore" />
<spring:bean id="tokenServices"
class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
<spring:property name="tokenStore" ref="tokenStore" />
<spring:property name="supportRefreshToken" value="true" />
<spring:property name="accessTokenValiditySeconds"
value="60" />
</spring:bean>
</spring:beans>
<flow name="wsauthentication_2" doc:name="wsauthentication_2">
<http:inbound-endpoint exchange-pattern="request-response"
host="localhost" port="8098" doc:name="MyHTTPInbound2_2"
doc:description="wsauthentication_2 Desc">
</http:inbound-endpoint>
<echo-component doc:name="Echo" />
</flow>
</mule>
The mappings in the log seem fine:
13:48:01,789 DEBUG FrameworkEndpointHandlerMapping:125 - Looking for request mappings in application context: org.mule.config.spring.MuleApplicationContext@7fe3a7ec: startup date [Tue Apr 23 13:47:56 IST 2013]; root of context hierarchy
13:48:01,836 INFO FrameworkEndpointHandlerMapping:197 - Mapped "{[/oauth/error],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelApprovalEndpoint.handleError(javax.servlet.http.HttpServletRequest)
13:48:01,836 INFO FrameworkEndpointHandlerMapping:197 - Mapped "{[/oauth/confirm_access],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelApprovalEndpoint.getAccessConfirmation(java.util.Map<java.lang.String, java.lang.Object>) throws java.lang.Exception
13:48:01,851 INFO FrameworkEndpointHandlerMapping:197 - Mapped "{[/oauth/authorize],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.authorize(java.util.Map<java.lang.String, java.lang.Object>,java.lang.String,java.util.Map<java.lang.String, java.lang.String>,org.springframework.web.bind.support.SessionStatus,java.security.Principal)
13:48:01,851 INFO FrameworkEndpointHandlerMapping:197 - Mapped "{[/oauth/authorize],methods=[POST],params=[user_oauth_approval],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.View org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.approveOrDeny(java.util.Map<java.lang.String, java.lang.String>,java.util.Map<java.lang.String, ?>,org.springframework.web.bind.support.SessionStatus,java.security.Principal)
13:48:01,851 INFO FrameworkEndpointHandlerMapping:197 - Mapped "{[/oauth/token],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.http.ResponseEntity<org.springframework.security.oauth2.common.OAuth2AccessToken> org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.getAccessToken(java.security.Principal,java.lang.String,java.util.Map<java.lang.String, java.lang.String>)
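Please help.
Answer 0: (score: 0)
I don't think Spring OAuth can actually work outside of a Java web container.
For Mule EE, you can use the OAuth2 provider from the Enterprise Security package.
For Mule CE, you could try running an embedded Jetty container and using Mule's Servlet endpoints behind it. This should provide an environment in which Spring OAuth can work. For inspiration, see the bookstore example that ships with the Mule distribution.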
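The servlet-side wiring this answer relies on, as an added example that is not part of the original answer or of Mule's bookstore sample: a web.xml for a webapp served by the embedded Jetty container. The servlet name `oauth` and the context file `/WEB-INF/oauth-context.xml` (assumed to hold the Spring beans from the question) are assumptions.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- WEB-INF/web.xml of a hypothetical webapp served by the embedded Jetty container -->
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
                             http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
         version="2.5">

  <!-- Spring Security filter chain. The bean "springSecurityFilterChain" only
       exists once the Spring context declares at least one <ss:http> element;
       the configuration in the question declares none, so one that guards
       /oauth/token and installs clientCredentialsTokenEndpointFilter must be
       added, otherwise the token endpoint is reached without an authenticated
       client. -->
  <filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    <init-param>
      <!-- Look the bean up in the DispatcherServlet context declared below
           (attribute name follows the assumed servlet name "oauth"). -->
      <param-name>contextAttribute</param-name>
      <param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.oauth</param-value>
    </init-param>
  </filter>
  <filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <!-- The /oauth/token and /oauth/authorize mappings seen in the log are
       Spring MVC handler mappings. They are only consulted when a request
       passes through a DispatcherServlet; a plain http:inbound-endpoint flow
       never dispatches to them. -->
  <servlet>
    <servlet-name>oauth</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <init-param>
      <param-name>contextConfigLocation</param-name>
      <!-- Assumed file containing the <spring:beans> content from the question -->
      <param-value>/WEB-INF/oauth-context.xml</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet-mapping>
    <servlet-name>oauth</servlet-name>
    <url-pattern>/</url-pattern>
  </servlet-mapping>
</web-app>
```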