0
移動移動到基於Java config認證無法通過身份驗證的步驟 可能有人解釋後,如何實現的AuthenticationManager?春天AUTH - 從XML到Java配置
現在我得到
{
"error": "unauthorized",
"error_description": "Full authentication is required to access this resource"
}
這裏試圖獲取令牌回購https://github.com/mikesockor/SOFqstn
@SpringBootApplication
@EnableResourceServer
@EnableDiscoveryClient
//@ImportResource({"classpath*:spring-security-oauth2.xml"})
如何實現這一點?
<sec:http pattern="/oauth/token" create-session="stateless" authentication-manager-ref="authenticationManager" >
<sec:intercept-url pattern="/oauth/token" />
<sec:anonymous enabled="true" />
<sec:http-basic entry-point-ref="clientAuthenticationEntryPoint" />
<sec:custom-filter ref="clientCredentialsTokenEndpointFilter" after="BASIC_AUTH_FILTER" />
<sec:access-denied-handler ref="oauthAccessDeniedHandler" />
</sec:http>
<sec:http auto-config="true" pattern="/oauth/check_token" create-session="stateless" authentication-manager-ref="authenticationManager">
<sec:intercept-url pattern="/oauth/check_token" access="IS_AUTHENTICATED_FULLY" />
<sec:anonymous enabled="false"/>
<sec:http-basic entry-point-ref="clientAuthenticationEntryPoint" />
</sec:http>
<sec:http pattern="/**" create-session="stateless" entry-point-ref="oauthAuthenticationEntryPoint"
access-decision-manager-ref="accessDecisionManager" >
<sec:anonymous enabled="false" />
<sec:intercept-url pattern="/**" />
<sec:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<sec:access-denied-handler ref="oauthAccessDeniedHandler" />
</sec:http>
另外,如果我會盡量
#security.basic.enabled=false
security.ignored=/**
越來越
{
"timestamp": 1491919124442,
"status": 405,
"error": "Method Not Allowed",
"exception": "org.springframework.web.HttpRequestMethodNotSupportedException",
"message": "Request method 'POST' not supported",
"path": "/oauth/token"
}