我一直在尝试使用以下security-context.xml的最基本设置为Spring(4.0.1)配置Oauth2
<oauth2:authorization-server client-details-service-ref="clientDetails" >
<oauth2:authorization-code />
</oauth2:authorization-server>
<oauth2:client-details-service id="clientDetails">
<oauth2:client
client-id="posConnector"
authorized-grant-types="password"
/>
</oauth2:client-details-service>
<authentication-manager alias="authenticationManager">
</authentication-manager>
但问题是当部署它时oauth / token POST没有被映射,因此在尝试获取令牌时给我405方法不允许错误。
2015-02-19 15:27:05,553 INFO [org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping] (MSC service thread 1-7) Mapped "{[/oauth/confirm_access],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelApprovalEndpoint.getAccessConfirmation(java.util.Map<java.lang.String, java.lang.Object>,javax.servlet.http.HttpServletRequest) throws java.lang.Exception
2015-02-19 15:27:05,620 INFO [org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping] (MSC service thread 1-7) Mapped "{[/oauth/authorize],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.authorize(java.util.Map<java.lang.String, java.lang.Object>,java.util.Map<java.lang.String, java.lang.String>,org.springframework.web.bind.support.SessionStatus,java.security.Principal)
2015-02-19 15:27:05,621 INFO [org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping] (MSC service thread 1-7) Mapped "{[/oauth/authorize],methods=[POST],params=[user_oauth_approval],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.View org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.approveOrDeny(java.util.Map<java.lang.String, java.lang.String>,java.util.Map<java.lang.String, ?>,org.springframework.web.bind.support.SessionStatus,java.security.Principal)
2015-02-19 15:27:05,623 INFO [org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping] (MSC service thread 1-7) Mapped "{[/oauth/token],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.http.ResponseEntity<org.springframework.security.oauth2.common.OAuth2AccessToken> org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.getAccessToken(java.security.Principal,java.util.Map<java.lang.String, java.lang.String>)
2015-02-19 15:27:05,836 INFO [org.springframework.security.web.DefaultSecurityFilterChain] (MSC service thread 1-7) Creating filter chain: Ant [pattern='/api/v1/**'], [org.springframework.security.web.context.SecurityContextPersistenceFilter@42ce8c43, org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@6f6e36dd, org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter@5f1fc920, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@27228f4f, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@1138a37c, org.springframework.security.web.session.SessionManagementFilter@f7ea758, org.springframework.security.web.access.ExceptionTranslationFilter@2e09295e, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@1de29327]
我通过添加自定义控制器请求映射到令牌端点并生成令牌来解决了这个问题。但我仍然困惑为什么默认的基本配置不会有这种映射。
有人能给我一个关于为什么没有发生这种映射的线索吗?