如何使用XML使用Spring Security Oauth2启用/oauth/check_token [英] How to enable /oauth/check_token with Spring Security Oauth2 using XML
问题描述
我已经使用spring-security 3.2.*和javaconfig成功启用了'/oauth/check_token'终结点,但是目前我仅限于spring-security 3.1.4,然后又坚持使用XML config. '/oauth/token'端点按我的意愿工作,但是我无法启用check_token端点,也找不到任何(非javaconfig)文档来说明如何做.
I have successfully enabled the '/oauth/check_token' endpoint using spring-security 3.2.* and javaconfig but currently I'm restricted to spring-security 3.1.4 and then i'm stucked to XML config. '/oauth/token' endpoint is working as i wish but I can't get the check_token endpoint to be enabled and I can't find any (non javaconfig) documentation explaining what to do.
Vanila授权服务器配置:
Vanila Authorization server config:
<oauth:authorization-server
client-details-service-ref="client-service"
token-services-ref="tokenServices" >
<oauth:refresh-token disabled="false" />
<oauth:client-credentials disabled="false" />
<oauth:password authentication-manager-ref="userAuthenticationManager" />
</oauth:authorization-server>
http安全配置:
<sec:http
auto-config="true"
pattern="/oauth/token"
create-session="stateless"
authentication-manager-ref="clientAuthenticationManager">
<sec:intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
<sec:anonymous enabled="false"/>
<sec:http-basic entry-point-ref="clientAuthenticationEntryPoint" />
</sec:http>
我尝试添加以下http配置,但没有成功.
I've tried to add following http config without success.
<sec:http
auto-config="true"
pattern="/oauth/check_token"
create-session="stateless"
authentication-manager-ref="clientAuthenticationManager">
<sec:intercept-url pattern="/oauth/check_token" access="IS_AUTHENTICATED_FULLY" />
<sec:anonymous enabled="false"/>
<sec:http-basic entry-point-ref="clientAuthenticationEntryPoint" />
</sec:http>
请提出任何建议.一个可行的例子将是很好的.
please, any suggestions. A working example would be great.
最佳 ./Kristofer
best ./Kristofer
推荐答案
使用spring oauth2的最新版本:
Use the last version of spring oauth2:
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<version>2.0.10.RELEASE</version>
</dependency>
确保在Spring Security oauth文件配置中使用了正确的xsd版本:
Ensure what the correct version of xsd is in use in spring security oauth file configuration:
http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
在选项authorization-server
中插入选项check-token-enabled="true"
:
<oauth:authorization-server ... check-token-enabled="true">
...
</oauth:authorization-server>
这篇关于如何使用XML使用Spring Security Oauth2启用/oauth/check_token的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!