Spring OAuth2不充分的身份验证异常 [英] Spring oauth2 InsufficientAuthenticationException
本文介绍了Spring OAuth2不充分的身份验证异常的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
具有以下基于web.xml类的配置:
public class WebApp extends AbstractDispatcherServletInitializer {
@Override
protected WebApplicationContext createServletApplicationContext() {
AnnotationConfigWebApplicationContext context = new AnnotationConfigWebApplicationContext();
context.scan(ClassUtils.getPackageName(getClass()));
return context;
}
@Override
protected String[] getServletMappings() {
return new String[]{"/api/*"};
}
@Override
protected WebApplicationContext createRootApplicationContext() {
return null;
}
@Override
public void onStartup(ServletContext servletContext) throws ServletException {
super.onStartup(servletContext);
DelegatingFilterProxy filter = new DelegatingFilterProxy("springSecurityFilterChain");
filter.setServletContext(servletContext);
filter.setContextAttribute("org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher");
servletContext.addFilter("springSecurityFilterChain", filter).addMappingForUrlPatterns(null, false, "/api/*");
}
}
尝试访问其中一个OAuth终结点时,我得到以下结果:
curl -u core:secret "http://localhost:8081/api/oauth/token?client_id=core&grant_type=password&username=user&password=123&response_type=token&scope=admin"
{"error":"unauthorized","error_description":"There is no client authentication. Try adding an appropriate authentication filter."}%
奇怪的是,当我将Servlet的映射从/api/*更改为/it时,它会按预期工作。所以一定是出了什么问题,但我不知道是什么?
推荐答案
您可以在FrameworkHandlerMapping
中设置前缀,例如通过AuthorizationServerEndpointsConfigurer
:
@Configuration
@EnableAuthorizationServer
public class OAuth2Config extends AuthorizationServerConfigurerAdapter {
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
String prefix = "/api";
endpoints.prefix(prefix);
}
}
这篇关于Spring OAuth2不充分的身份验证异常的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文