1. 首頁
  2. 問答
  3. 春天可以有多個ConfigurerAdapter嗎?

春天可以有多個ConfigurerAdapter嗎?

2016-09-20 48 views
1

我需要使用ldap身份驗證添加OAuth2安全性。 我首先實現了ldap認證並添加了一個WebSecurityConfigurerAdapter實例。春天可以有多個ConfigurerAdapter嗎?

@Configuration 
@EnableWebSecurity 
@Order(2) 
public class WebSecurityConfig extends WebSecurityConfigurerAdapter { 

    @Override 
    protected void configure(final HttpSecurity http) throws Exception { 
     http.authorizeRequests() 
      .anyRequest().fullyAuthenticated() 
      .and() 
      .formLogin(); 
    } 

    @Override 
    @Bean 
    public AuthenticationManager authenticationManagerBean() throws Exception { 
     return super.authenticationManagerBean(); 
    } 

    @Autowired 
    public void configureGlobal(final AuthenticationManagerBuilder auth) throws Exception { 
     auth.ldapAuthentication() 
       .contextSource().url("ldaps://master:636/dc=domain,dc=com") 
       .managerDn("cn=readonly,dc=domain,dc=com").managerPassword("123456") 
       .and() 
       .userSearchFilter("(uid={0})"); 
    } 
}

我需要補充的OAuth2資源服務器適配器ResourceServerConfigurerAdapter

@Configuration 
@Import({ DatabaseConfig.class }) 
@EnableResourceServer 
@Order(1) 
public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter { 

    @Autowired DatabaseConfig databaseConfig; 

    @Override 
    public void configure(final HttpSecurity http) throws Exception { 
     http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED).and().authorizeRequests() 
       .anyRequest().authenticated(); 
    } 


    @Bean 
    public JwtAccessTokenConverter accessTokenConverter() { 
     final JwtAccessTokenConverter converter = new JwtAccessTokenConverter(); 
     // converter.setSigningKey("123"); 
     final Resource resource = new ClassPathResource("public.txt"); 
     String publicKey = null; 
     try { 
      publicKey = IOUtils.toString(resource.getInputStream()); 
     } catch (final IOException e) { 
      throw new RuntimeException(e); 
     } 
     converter.setVerifierKey(publicKey); 
     return converter; 
    } 

    @Bean 
    @Primary 
    public DefaultTokenServices tokenServices() { 
     final DefaultTokenServices defaultTokenServices = new DefaultTokenServices(); 
     defaultTokenServices.setTokenStore(tokenStore()); 
     return defaultTokenServices; 
    } 


    @Bean 
    public TokenStore tokenStore() { 
     return new JdbcTokenStore(databaseConfig.dataSource()); 
    }

好像WebSecurityConfigurerAdapter和ResourceServerConfigurerAdapter衝突的同時配置時。

我既configure()方法打不過我只能得到通過我的REST API使用http://localhost:8080/login LDAP訪問登錄,不能用我的使用OAuth http://localhost:8081/login

角度的客戶,我有以下錯誤當試圖訪問資源時:

Failed to find refresh token for token eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX25hbWUiOiJqb2huIiwic2NvcGUiOlsiZm9vIiwicmVhZCIsIndyaXRlIl0sIm9yZ2FuaXphdGlvbiI6ImpvaG5vRnZiIiwiYXRpIjoiNDcyZTJiNDYtZjgxZS00NGJiLWEwNDMtMGYwZmRjMDMzY2U1IiwiZXhwIjoxNDc2NTQ5NjYzLCJhdXRob3JpdGllcyI6WyJST0xFX1VTRVIiXSwianRpIjoiN2UwNzRkZDktOWI0ZC00MTU0LWJjMzktMDlkY2U4Y2UyZTg2IiwiY2xpZW50X2lkIjoiZm9vQ2xpZW50SWRQYXNzd29yZCJ9.fuarTPL1O00Yg6b3BPibwux1ZtlmrHaPCJkgjsJni_51B3NEHkdB9kqbABK3IkMWMlZdqY8xfR-zMpY9SxFkpRFDfyvosgLcsTZ... 
Handling error: InvalidGrantException, Invalid refresh token: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVC...

來源

2016-09-20 BigDong

回答

1

我有同樣的問題。可能是我的解決方案不夠優雅,但它適用於我。

我試過OAuth2ResourceServerConfig,它擴展了WebSecurityConfig並實現了ResourceServerConfigurer。

OAuth2ResourceServerConfig必須是這樣的

@Configuration 
@Import({ DatabaseConfig.class }) 
@EnableResourceServer 
@Order(1) 
public class OAuth2ResourceServerConfig extends WebSecurityConfig implements ResourceServerConfigurer { 

    @Autowired DatabaseConfig databaseConfig; 

    @Override 
    public void configure(final HttpSecurity http) throws Exception { 
     http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED).and().authorizeRequests() 
       .anyRequest().authenticated(); 
    } 


    @Bean 
    public JwtAccessTokenConverter accessTokenConverter() { 
     final JwtAccessTokenConverter converter = new JwtAccessTokenConverter(); 
     // converter.setSigningKey("123"); 
     final Resource resource = new ClassPathResource("public.txt"); 
     String publicKey = null; 
     try { 
      publicKey = IOUtils.toString(resource.getInputStream()); 
     } catch (final IOException e) { 
      throw new RuntimeException(e); 
     } 
     converter.setVerifierKey(publicKey); 
     return converter; 
    } 

    @Bean 
    @Primary 
    public DefaultTokenServices tokenServices() { 
     final DefaultTokenServices defaultTokenServices = new DefaultTokenServices(); 
     defaultTokenServices.setTokenStore(tokenStore()); 
     return defaultTokenServices; 
    } 


    @Bean 
    public TokenStore tokenStore() { 
     return new JdbcTokenStore(databaseConfig.dataSource()); 
    }

來源

2017-03-09 14:45:03

0

this post,我想你可以通過添加這個給你配置(陽明海運或屬性)使用以前的版本:

security: 
    oauth2: 
    resource: 
     filter-order: 3

我試着像我這樣將@Order註釋添加到我的源服務器配置中,並獲得相同的問題。因此,我認爲@Order註釋不會對ResourceServerConfigurerAdapter生效,但它對WebSecurityConfig正常工作。我不知道這是一個錯誤還是打算。

來源

2017-12-01 10:43:12 Xin

相關問題

 相關問題