我已经创建了一个资源,一个用户策略(该策略仅允许用户Alice访问)和服务器管理密钥斗篷控制台的许可;当我从“评估”选项卡(在服务器管理控制台中)检查资源时,一切正常:Alice拥有权限,而所有其他用户则没有。问题是,当我尝试从Java应用程序(使用OIDC密钥斗篷过滤器)访问此资源时,任何用户始终会收到错误403。
我从程序中获得的消息是:
Connection can be kept alive indefinitely
DEBUG [http-nio-8080-exec-7] (Wire.java:87) - << "[{"name":"Axepta Resources","owner":{"id":"dc399ee2-f728-4c72-9d9d-4998f208b438","name":"AnubisAuth"},"ownerManagedAccess":false,"displayName":"Axepta Resources","attributes":{},"_id":"d851bcbd-6527-4d2b-901d-1643506799ff","uris":["http://localhost:8080/dcode_developer_war/"]}]"
DEBUG [http-nio-8080-exec-7] (ThreadSafeClientConnManager.java:286) - Released connection is reusable.
DEBUG [http-nio-8080-exec-7] (ConnPoolByRoute.java:431) - Releasing connection [{}->http://app.dastan.eng.it:6060][null]
DEBUG [http-nio-8080-exec-7] (ConnPoolByRoute.java:457) - Pooling connection [{}->http://app.dastan.eng.it:6060][null]; keep alive indefinitely
DEBUG [http-nio-8080-exec-7] (ConnPoolByRoute.java:678) - Notifying no-one, there are no waiting threads
DEBUG [http-nio-8080-exec-7] (PolicyEnforcer.java:81) - Initialization complete. Path configurations:
DEBUG [http-nio-8080-exec-7] (PolicyEnforcer.java:83) - PathConfig{name='null', type='null', path='http://localhost:8080/dcode_developer_war/', scopes=[], id='d851bcbd-6527-4d2b-901d-1643506799ff', enforcerMode='ENFORCING'}
DEBUG [http-nio-8080-exec-7] (PolicyEnforcer.java:93) - Policy enforcement is enabled. Enforcing policy decisions for path [http://localhost:8080/dcode_developer_war/].
DEBUG [http-nio-8080-exec-7] (AbstractPolicyEnforcer.java:90) - Checking permissions for path [http://localhost:8080/dcode_developer_war/] with config [null].
DEBUG [http-nio-8080-exec-7] (AbstractPolicyEnforcer.java:99) - Could not find a configuration for path [/]
DEBUG [http-nio-8080-exec-7] (PolicyEnforcer.java:99) - Policy enforcement result for path [http://localhost:8080/dcode_developer_war/] is : DENIED
DEBUG [http-nio-8080-exec-7] (PolicyEnforcer.java:100) - Returning authorization context with permissions:
我认为问题在于访问令牌中没有任何权限(您可以在错误的最后一行看到)。我非常确定服务器配置正确。关于的任何建议 可能是什么错误?