这是来自这里的已解决的问题(问题):https://github.com/spring-projects/spring-security-oauth/issues/375(请先阅读,然后继续,简短)。问题完全相同,但是建议的解决方案没有效果。
RourceServerSecurityConfigurer有一个authenticationEntryPoint()方法,我尝试使用该方法注入自定义入口点
@Configuration
@EnableAuthorizationServer
public class OAuth2AuthorizationConfig extends AuthorizationServerConfigurerAdapter {
...
@Override
public void configure(final AuthorizationServerSecurityConfigurer oauthServer) {
...
oauthServer
.authenticationEntryPoint(new CustomErrorAuthenticationEntryPoint());
}
...
}
但是AuthorizationServerSecurityConfigurer具有私有方法clientCredentialsTokenEndpointFilter(),其中我的设置被覆盖:
private ClientCredentialsTokenEndpointFilter clientCredentialsTokenEndpointFilter(HttpSecurity http) {
...
OAuth2AuthenticationEntryPoint authenticationEntryPoint = new OAuth2AuthenticationEntryPoint();
authenticationEntryPoint.setTypeName("Form");
authenticationEntryPoint.setRealmName(realm);
clientCredentialsTokenEndpointFilter.setAuthenticationEntryPoint(authenticationEntryPoint);
...
}
也许我在做错事,但我似乎找不到找到一种方法来强制执行我的自定义入口点。