好的,在把 Spring Oauth2 从 1.0.0.M6 更新到 2.0.6 之后,我的配置不再工作了。我不得不做一些调整(例如,有些类已不存在,有些类换了包)。
目前的配置如下:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd">
<!-- Enables the pre/post method-security annotations (@PreAuthorize, @PostAuthorize, @PreFilter, @PostFilter). -->
<global-method-security pre-post-annotations="enabled" />
<!-- security="none" takes the matching paths out of the Spring Security filter chain:
     no filter runs for them, so neither authentication nor authorization is applied.
     That is the usual treatment for static assets and the login page itself. -->
<http pattern="/favicon.ico" security="none" />
<http pattern="/login/**" security="none" />
<http pattern="/css/**" security="none" />
<http pattern="/js/**" security="none" />
<http pattern="/img/**" security="none" />
<!-- NOTE(review): the next two prefixes are not static assets by name, yet they are fully unprotected as well.
     Confirm that nothing under /mockdata/** or /p/api/** returns or modifies user data,
     or that the handlers behind them enforce their own access control. -->
<http pattern="/mockdata/**" security="none" />
<http pattern="/p/api/**" security="none" />
<!-- Token-protected resources under /p/public/**. The resourceServerFilter bean (declared by the
     oauth:resource-server element in this file) runs before exception translation, and the URL rule
     requires ROLE_OAUTH_CLIENT. Unauthenticated requests are answered by oauthAuthenticationEntryPoint. -->
<!-- NOTE(review): no create-session attribute is set on this chain, so the default session policy applies;
     for a token-only API, consider create-session="stateless" so bearer-token requests do not create sessions. -->
<http pattern="/p/public/**" entry-point-ref="oauthAuthenticationEntryPoint" authentication-manager-ref="clientAuthenticationManager">
<intercept-url pattern="/p/public/**" access="ROLE_OAUTH_CLIENT" />
<custom-filter ref="resourceServerFilter" before="EXCEPTION_TRANSLATION_FILTER" />
</http>
<!-- Same rules as the chain above, applied to /public/**. Keep the two chains in sync when either is changed. -->
<http pattern="/public/**" entry-point-ref="oauthAuthenticationEntryPoint" authentication-manager-ref="clientAuthenticationManager">
<intercept-url pattern="/public/**" access="ROLE_OAUTH_CLIENT" />
<custom-filter ref="resourceServerFilter" before="EXCEPTION_TRANSLATION_FILTER" />
</http>
<!-- Chain for the token endpoint. Clients authenticate against clientAuthenticationManager, either with
     HTTP Basic or through clientCredentialsTokenEndpointFilter; anonymous access is disabled and the chain
     never creates a session. -->
<http pattern="/p/oauth/token" create-session="never" authentication-manager-ref="clientAuthenticationManager">
<intercept-url pattern="/p/oauth/token" access="ROLE_OAUTH_CLIENT" />
<anonymous enabled="false" />
<http-basic />
<!-- NOTE(review): this filter accepts the client secret as a request parameter. A secret sent in the URL query
     string ends up in access logs and proxy logs; prefer HTTP Basic or a POST body, over TLS. -->
<custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER" />
<access-denied-handler ref="oauthAccessDeniedHandler" />
</http>
<!-- Catch-all chain (no pattern attribute): handles every request not matched by an earlier http element.
     It mixes session-based login (form-login, http-basic, remember-me) with the OAuth2 token filter and
     uses the accessDecisionManager bean for URL decisions. -->
<!-- NOTE(review): no csrf element is declared; with the 3.2 security schema referenced by this file, CSRF
     protection is presumably off unless declared, which would leave the login form and /logout unprotected. Verify. -->
<!-- NOTE(review): no intercept-url sets requires-channel; form-login and http-basic both transmit passwords,
     so confirm that HTTPS is enforced somewhere outside this file. -->
<http access-decision-manager-ref="accessDecisionManager">
<!-- The decision manager is AffirmativeBased, so holding either of the two listed roles is sufficient here. -->
<intercept-url pattern="/p/tasks/comment" access="ROLE_ACTIVE,ROLE_OAUTH_CLIENT" />
<intercept-url pattern="/**" access="ROLE_ACTIVE"/>
<!-- ATTENTION TO THIS LINE - If commented out the login works -->
<!-- NOTE(review): in spring-security-oauth2 2.0.x the resource-server filter appears to be stateless by default,
     meaning a request that carries no token has any existing (session) authentication cleared from the
     SecurityContext. That would match a redirect back to the login page after a successful form login.
     The stateless attribute of the oauth:resource-server element is the setting to check; before relaxing it,
     consider giving token-protected URLs their own chain instead of sharing this session-based one.
     Confirm against the 2.0.6 reference. -->
<custom-filter ref="resourceServerFilter" before="EXCEPTION_TRANSLATION_FILTER" />
<access-denied-handler error-page="/login/" />
<form-login login-page="/login/" default-target-url="/" authentication-failure-url="/login/?error=1" />
<http-basic/>
<logout logout-url="/logout" logout-success-url="/" />
<remember-me user-service-ref="userDetailsServiceImpl" />
</http>
<!-- End-user authentication manager. Users are loaded through the userDetailsServiceImpl bean,
     which is not defined in this listing. -->
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userDetailsServiceImpl">
<!-- NOTE(review): MD5 with no salt-source is a fast, unsalted hash and is not suitable for password storage.
     The password-encoder element also accepts hash="bcrypt". Stored credentials have to be re-hashed
     (for example at the next successful login) as part of such a change, so it cannot be switched here in isolation. -->
<password-encoder hash="md5"/>
</authentication-provider>
</authentication-manager>
<!-- Entry point used by the /p/public/** and /public/** chains to answer unauthenticated requests;
     realmName is the realm reported in the authentication challenge. -->
<beans:bean id="oauthAuthenticationEntryPoint" class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
<beans:property name="realmName" value="on-tasks2" />
</beans:bean>
<!-- Access-denied handler referenced by the token endpoint chain. -->
<beans:bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
<!-- Authenticates a client from client_id / client_secret request parameters, using clientAuthenticationManager. -->
<!-- NOTE(review): no processing URL is configured on this bean. Confirm that the path the filter acts on
     covers the customised token-endpoint-url="/p/oauth/token"; if it does not, parameter-based client
     authentication is silently skipped and only HTTP Basic remains. -->
<beans:bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
<beans:property name="authenticationManager" ref="clientAuthenticationManager" />
</beans:bean>
<!-- Decision manager for the catch-all http chain. AffirmativeBased grants access as soon as any one
     of the listed voters votes to grant. -->
<beans:bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
<beans:constructor-arg>
<beans:list>
<!-- NOTE(review): no intercept-url in this file uses a scope attribute, so this voter presumably abstains
     everywhere and a token's scope (for example scope=comment) is not enforced by the URL rules. Verify. -->
<beans:bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
<beans:bean class="org.springframework.security.access.vote.RoleVoter">
<!-- Empty prefix: RoleVoter then treats every configured access attribute as a role name,
     not only those that start with "ROLE_". -->
<beans:property name="rolePrefix" value="" />
</beans:bean>
<beans:bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
</beans:list>
</beans:constructor-arg>
</beans:bean>
<!-- Authentication manager for OAuth2 clients (not end users). It is referenced by the token endpoint chain
     and by the two public resource chains. -->
<authentication-manager id="clientAuthenticationManager">
<!-- NOTE(review): no password-encoder is declared for this provider, so client secrets are presumably
     compared exactly as stored, i.e. kept in plain text in the client-details table. Confirm, and consider
     hashing them. -->
<authentication-provider user-service-ref="clientDetailsUserDetailsService" />
</authentication-manager>
<!-- Adapter that exposes the registered clients (clientDetails bean) as a user-details service,
     so a client id and secret can be checked like a username and password. -->
<beans:bean id="clientDetailsUserDetailsService" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
<beans:constructor-arg ref="clientDetails" />
</beans:bean>
<!-- Token services shared by the authorization server and the resource server declared in this file. -->
<!-- NOTE(review): no accessTokenValiditySeconds is set, so the library default lifetime applies unless a
     client record overrides it; choose an explicit lifetime that fits the deployment. -->
<beans:bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
<beans:property name="tokenStore" ref="tokenStore" />
<!-- Refresh tokens are not issued. NOTE(review): the authorization server in this file still enables the
     refresh-token grant; decide which of the two is intended. -->
<beans:property name="supportRefreshToken" value="false" />
<beans:property name="clientDetailsService" ref="clientDetails" />
</beans:bean>
<!-- Tokens are persisted through the dataSource bean, which is not defined in this listing.
     NOTE(review): treat the token tables as credential material and restrict read access to them accordingly. -->
<beans:bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.JdbcTokenStore">
<beans:constructor-arg ref="dataSource" />
</beans:bean>
<!-- Authorization server with customised endpoint URLs. /p/oauth/token has its own http chain in this file;
     /p/oauth/authorize is matched only by the catch-all chain, so it requires ROLE_ACTIVE. -->
<!-- NOTE(review): all five grant types are enabled. The implicit grant returns tokens through the browser and
     the password grant hands user passwords to the client; enable only the grants that registered clients
     actually use. -->
<oauth:authorization-server
client-details-service-ref="clientDetails"
token-services-ref="tokenServices"
authorization-endpoint-url="/p/oauth/authorize"
token-endpoint-url="/p/oauth/token"
user-approval-page="access_confirmation">
<oauth:authorization-code />
<oauth:implicit />
<oauth:refresh-token />
<oauth:client-credentials />
<oauth:password />
</oauth:authorization-server>
<!-- Declares the filter bean that three http chains reference as resourceServerFilter. -->
<!-- NOTE(review): one of those chains is the session-based catch-all chain. The filter appears to be stateless
     by default in 2.0.x (it clears a non-token authentication), which does not fit a chain that also uses
     form login; see the stateless attribute of this element and confirm against the 2.0.6 reference. -->
<oauth:resource-server id="resourceServerFilter" resource-id="on-tasks" token-services-ref="tokenServices" />
<!-- Registered OAuth2 clients are read from the database through the dataSource bean (not defined in this
     listing). This bean backs client authentication, the token services and the authorization server. -->
<beans:bean id="clientDetails" class="org.springframework.security.oauth2.provider.client.JdbcClientDetailsService">
<beans:constructor-arg ref="dataSource" />
</beans:bean>
</beans:beans>
使用此配置时,每当我尝试登录,对 /j_spring_security_check 的请求都会返回 302 并重定向回登录页面。如果我把 `<custom-filter ref="resourceServerFilter" before="EXCEPTION_TRANSLATION_FILTER" />` 这一行注释掉,登录就能正常工作。
此外,现在如果我访问 localhost:8080/p/oauth/token?client_id=the-client-ids&client_secret=someMockedSecret&grant_type=client_credentials&scope=comment ,会得到 404,而在更新之前,这个请求可以创建访问令牌。
随更新更改的行如下:
- <beans:bean id="oauthAuthenticationEntryPoint" class="org.springframework.security.oauth2.provider.error.MediaTypeAwareAuthenticationEntryPoint">
+ <beans:bean id="oauthAuthenticationEntryPoint" class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
- <beans:bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.MediaTypeAwareAccessDeniedHandler" />
+ <beans:bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
- <beans:bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.filter.ClientCredentialsTokenEndpointFilter">
+ <beans:bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
- <beans:bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.RandomValueTokenServices">
+ <beans:bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
- <beans:bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.JdbcTokenStore">
+ <beans:bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.JdbcTokenStore">
- <beans:bean id="clientDetails" class="org.springframework.security.oauth2.provider.JdbcClientDetailsService">
+ <beans:bean id="clientDetails" class="org.springframework.security.oauth2.provider.client.JdbcClientDetailsService">
有什么建议吗?我尝试了一些我在StackOverflow中找到的不同配置,但它们都不适用于我。
先谢谢你。
-glauber