Microsoft Azure Azure的弹簧启动安全性

时间:2018-04-04 13:04:44

标签: java spring spring-boot spring-security azure-active-directory

目前正在使用node.js进行UI,并为后端webservice使用spring boot。我们已经使用Microsoft azure注册了UI,并从config.js发送了所需的属性。 同样,我希望使用相同的SSO注册来保护后端Web服务。

我在application.properties

中提到了以下属性
azure.activedirectory.clientId="xyz"
azure.activedirectory.clientSecret="123"
azure.activedirectory.ActiveDirectoryGroups="groupname"
security.oauth2.client.clientAuthenticationScheme=form 
security.oauth2.client.scope=profile 

和MySecurityConfig.java

@EnableOAuth2Sso
@EnableGlobalMethodSecurity(securedEnabled = true,
    prePostEnabled = true)

public class MySecurityConfig extends WebSecurityConfigurerAdapter {

@Autowired
private AADAuthenticationFilter aadAuthFilter;
@Autowired
OAuth2ClientContextFilter oAuth2ClientContextFilter;
protected void configure(HttpSecurity http) throws Exception {
     /* http.authorizeRequests()
          .anyRequest().authenticated()//any other request just need 
         authentication
          .and()
          .formLogin();//enable form login*/
         http.authorizeRequests().anyRequest().permitAll();
      http.addFilterAfter(aadAuthFilter, 
      UsernamePasswordAuthenticationFilter.class);

  }
}

当遵循azure-active-directory-spring-boot-starter示例中提到的相同步骤时,我得到以下异常:

org.springframework.security.oauth2.client.resource.UserRedirectRequiredException: A redirect is required to get the users approval
        at org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.getRedirectForAuthorization(AuthorizationCodeAccessTokenProvider.java:359) ~[spring-security-oauth2-2.0.14.RELEASE.jar:na]
        at org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.obtainAccessToken(AuthorizationCodeAccessTokenProvider.java:205) ~[spring-security-oauth2-2.0.14.RELEASE.jar:na]
        at org.springframework.security.oauth2.client.OAuth2RestTemplate.acquireAccessToken(OAuth2RestTemplate.java:221) ~[spring-security-oauth2-2.0.14.RELEASE.jar:na]
        at org.springframework.security.oauth2.client.OAuth2RestTemplate.getAccessToken(OAuth2RestTemplate.java:173) ~[spring-security-oauth2-2.0.14.RELEASE.jar:na]
        at org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter.attemptAuthentication(OAuth2ClientAuthenticationProcessingFilter.java:105) ~[spring-security-oauth2-2.0.14.RELEASE.jar:na]
        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212) ~[spring-security-web-4.2.3.RELEASE.jar:4.2.3.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.2.3.RELEASE.jar:4.2.3.RELEASE]
        at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116) ~[spring-security-web-4.2.3.RELEASE.jar:4.2.3.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.2.3.RELEASE.jar:4.2.3.RELEASE]
        at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:100) ~[spring-security-web-4.2.3.RELEASE.jar:4.2.3.RELEASE]
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.10.RELEASE.jar:4.3.10.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.2.3.RELEASE.jar:4.2.3.RELEASE]
        at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64) ~[spring-security-web-4.2.3.RELEASE.jar:4.2.3.RELEASE]
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.10.RELEASE.jar:4.3.10.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.2.3.RELEASE.jar:4.2.3.RELEASE]

0 个答案:

没有答案