如何更改Spring安全OAuth2默认令牌端点? [英] How to change spring security oauth2 default token endpoint?
本文介绍了如何更改Spring安全OAuth2默认令牌端点?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我们有基于Spring Security OAuth2的应用程序。一切都运行得很好。但我无法将默认令牌终结点从"/OAuth/Token"更改为"/External/OAuth/Token"。
我的Spring-servlet.xml
<http pattern="/external/oauth/token" create-session="stateless"
authentication-manager-ref="clientAuthenticationManager"
use-expressions="true" xmlns="http://www.springframework.org/schema/security">
<intercept-url pattern="/external/oauth/token" access="isFullyAuthenticated()" />
<anonymous enabled="false" />
<http-basic entry-point-ref="clientAuthenticationEntryPoint" />
<!-- include this only if you need to authenticate clients via request parameters -->
<custom-filter ref="clientCredentialsTokenEndpointFilter" after="BASIC_AUTH_FILTER" />
<access-denied-handler ref="oauthAccessDeniedHandler"/>
</http>
<oauth:authorization-server client-details-service-ref="clientDetails"
token-services-ref="tokenServices"
user-approval-handler-ref="userApprovalHandler" token-endpoint-url="/external/oauth/token">
<oauth:authorization-code />
<oauth:implicit />
<oauth:refresh-token />
<oauth:client-credentials />
<oauth:password />
</oauth:authorization-server>
但我访问此终结点时的结果是
{
error: "unauthorized"
error_description: "An Authentication object was not found in the SecurityContext"
}
我错过了什么吗?请提出建议。
推荐答案
使用Spring-SECURITY-OAuth2的2.0.5.RELEASE或更高版本
在经过测试并正常工作的基于Java的配置中的一行中,它以某种方式覆盖了TokenEndpoint类的RequestMaping值。
@Configuration
@EnableAuthorizationServer
protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints
.pathMapping("/oauth/token", "<your custom endpoint>")
}
}
这篇关于如何更改Spring安全OAuth2默认令牌端点?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文