oauth提供程序的身份验证失败事件

时间:2016-07-11 13:23:56

标签: grails spring-security spring-security-oauth2

我在grails应用程序中添加了spring security core和oauth提供程序

我的配置:

// Added by the Spring Security OAuth2 Provider plugin:
grails.plugin.springsecurity.oauthProvider.clientLookup.className = 'com.oauth.Client'
grails.plugin.springsecurity.oauthProvider.authorizationCodeLookup.className = 'com.oauth.AuthorizationCode'
grails.plugin.springsecurity.oauthProvider.accessTokenLookup.className = 'com.oauth.AccessToken'
grails.plugin.springsecurity.oauthProvider.refreshTokenLookup.className = 'com.oauth.RefreshToken'
grails.plugin.springsecurity.logout.postOnly = false

//grails.plugin.springsecurity.successHandler.defaultTargetUrl = '/client/index'

// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.auth.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.auth.UserRole'
grails.plugin.springsecurity.authority.className = 'com.auth.Role'


    grails.plugin.springsecurity.filterChain.chainMap = [
            '/oauth/token': 'JOINED_FILTERS,-oauth2ProviderFilter,-securityContextPersistenceFilter,-logoutFilter,-authenticationProcessingFilter,-rememberMeAuthenticationFilter,-exceptionTranslationFilter',
            '/securedOAuth2Resources/**': 'JOINED_FILTERS,-securityContextPersistenceFilter,-logoutFilter,-authenticationProcessingFilter,-rememberMeAuthenticationFilter,-oauth2BasicAuthenticationFilter,-exceptionTranslationFilter',
            '/**': 'JOINED_FILTERS,-statelessSecurityContextPersistenceFilter,-oauth2ProviderFilter,-clientCredentialsTokenEndpointFilter,-oauth2BasicAuthenticationFilter,-oauth2ExceptionTranslationFilter'
    ]


        grails.plugin.springsecurity.controllerAnnotations.staticRules = [
                '/':                ['permitAll'],
                '/**/**':                ['permitAll'],
                '/index':           ['permitAll'],
                '/index.gsp':       ['permitAll'],
                '/assets/**':       ['permitAll'],
                '/**/js/**':        ['permitAll'],
                '/**/css/**':       ['permitAll'],
                '/**/images/**':    ['permitAll'],
                '/**/fonts/**':     ['permitAll'],
                '/**/favicon.ico':  ['permitAll'],
                '/**/fonts/**':     ['permitAll'],
                '/oauth/authorize.dispatch':      ["isFullyAuthenticated() and (request.getMethod().equals('GET') or request.getMethod().equals('POST'))"],
                '/oauth/token.dispatch':          ["isFullyAuthenticated() and request.getMethod().equals('POST')"],
        ]

        grails.plugin.springsecurity.oauthProvider.clientLookup.className = 'com.oauth.Client'
        grails.plugin.springsecurity.oauthProvider.authorizationCodeLookup.className = 'com.oauth.AuthorizationCode'
        grails.plugin.springsecurity.oauthProvider.accessTokenLookup.className = 'com.oauth.AccessToken'
        grails.plugin.springsecurity.oauthProvider.refreshTokenLookup.className = 'com.oauth.RefreshToken'

当我删除过滤器链图弹簧安全性去折腾和oauth工作正常但是什么时候添加链图oauth不起作用。

任何人都可以帮助我吗?

0 个答案:

没有答案