Spring OAuth2不充分的身份验证异常 [英] Spring oauth2 InsufficientAuthenticationException

问题描述

具有以下基于web.xml类的配置：

public class WebApp extends AbstractDispatcherServletInitializer {

    @Override
    protected WebApplicationContext createServletApplicationContext() {
        AnnotationConfigWebApplicationContext context = new AnnotationConfigWebApplicationContext();
        context.scan(ClassUtils.getPackageName(getClass()));
        return context;
    }

    @Override
    protected String[] getServletMappings() {
        return new String[]{"/api/*"};
    }

    @Override
    protected WebApplicationContext createRootApplicationContext() {
        return null;
    }

    @Override
    public void onStartup(ServletContext servletContext) throws ServletException {
        super.onStartup(servletContext);
        DelegatingFilterProxy filter = new DelegatingFilterProxy("springSecurityFilterChain");
        filter.setServletContext(servletContext);
        filter.setContextAttribute("org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher");
        servletContext.addFilter("springSecurityFilterChain", filter).addMappingForUrlPatterns(null, false, "/api/*");
    }

}

尝试访问其中一个OAuth终结点时，我得到以下结果：

curl -u core:secret "http://localhost:8081/api/oauth/token?client_id=core&grant_type=password&username=user&password=123&response_type=token&scope=admin" 

{"error":"unauthorized","error_description":"There is no client authentication. Try adding an appropriate authentication filter."}%

奇怪的是，当我将Servlet的映射从/api/*更改为/it时，它会按预期工作。所以一定是出了什么问题，但我不知道是什么？

推荐答案

您可以在FrameworkHandlerMapping中设置前缀，例如通过AuthorizationServerEndpointsConfigurer：

@Configuration
@EnableAuthorizationServer
public class OAuth2Config extends AuthorizationServerConfigurerAdapter {
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        String prefix = "/api";
        endpoints.prefix(prefix);
    }
}

这篇关于Spring OAuth2不充分的身份验证异常的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！