
我的 Spring 應用使用以下安全性 XML 設定(見下文)。在本例中,我想透過 OAuth2 讓用戶以 Facebook 登錄。大部分流程都正常:當用戶試圖訪問受保護的 URL 時,會自動重定向到 Facebook 登錄頁面;成功登錄後,Facebook 會將用戶重定向回我的網絡應用上對應的 URI /authLogin。然而,此時拋出了 UserApprovalRequiredException,而且沒有任何地方處理它。我不明白原因,因爲用戶已完成登錄過程,而且重定向回我的應用程序的請求中帶有 code 值。下面還附上了堆棧跟蹤。有人能幫我理解如何解決這個問題嗎?

Spring OAuth2 成功登錄後拋出 UserApprovalRequiredException

security.xml

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Spring Security configuration for a web application that signs users in
  through an OAuth2 authorization-code flow (Facebook in this example) and
  also declares one in-memory account for form login.
-->
<b:beans xmlns:security="http://www.springframework.org/schema/security"
         xmlns:b="http://www.springframework.org/schema/beans"
         xmlns:aop="http://www.springframework.org/schema/aop"
         xmlns:context="http://www.springframework.org/schema/context"
         xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
                             http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.0.xsd
                             http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
                             http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
                             http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd">

  <!-- The ${oauth.*} values used below are resolved from this properties file. -->
  <context:property-placeholder location="classpath:/application.properties" />

  <!--
    Requests matching these two patterns skip the Spring Security filter chain
    altogether, so none of the authentication rules or OAuth2 filters below
    apply to them.
    NOTE(review): form-login below sends users to /api after login, which is one
    of these unfiltered paths; confirm that /api is meant to be reachable
    without authentication.
  -->
  <security:http pattern="/api" security="none"/>
  <security:http pattern="/geowave/**" security="none"/>

  <!--
    Main filter chain: every remaining URL requires a fully authenticated user,
    anonymous authentication is switched off, and unauthenticated requests are
    handed to authenticationEntryPoint.
  -->
  <security:http entry-point-ref="authenticationEntryPoint">
    <!-- <security:http-basic /> -->
    <security:form-login default-target-url="/api"/>
    <security:anonymous enabled="false"/>

    <security:intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY"/>

    <!--
      The OAuth2 client context filter is placed right after the exception
      translation filter; the OAuth2 login filter runs before the security
      interceptor.
    -->
    <security:custom-filter ref="oauth2ClientContextFilter" after="EXCEPTION_TRANSLATION_FILTER"/>
    <security:custom-filter ref="oAuth2AuthenticationProcessingFilter" before="FILTER_SECURITY_INTERCEPTOR"/>
  </security:http>

  <!--
    Login entry point. /authLogin is also the URL handled by
    oAuth2AuthenticationProcessingFilter, so an unauthenticated request is
    redirected straight into the OAuth2 login filter.
  -->
  <b:bean id="authenticationEntryPoint"
          class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
    <b:property name="loginFormUrl" value="/authLogin"/>
  </b:bean>

  <!-- Authentication manager backed by the in-memory user service below. -->
  <security:authentication-manager>
    <security:authentication-provider user-service-ref="customAdmin"/>
  </security:authentication-manager>

  <!--
    NOTE(review): the account name and password are stored in clear text in
    this file and the account carries ROLE_ADMIN. The values look like sample
    placeholders; in a deployed configuration keep credentials out of the file
    (for example through the property placeholder already used here) and store
    passwords hashed.
  -->
  <security:user-service id="customAdmin">
    <security:user name="geowave_username" password="geowave_password" authorities="ROLE_USER, ROLE_ADMIN" />
  </security:user-service>

  <!--
    Applies the OAuth2 client context.
    NOTE(review): this filter is declared as a plain bean rather than through
    the oauth namespace. The reported resolution for the
    UserApprovalRequiredException on this page was to declare it with the
    oauth namespace element so that Spring wires the client context and bean
    scopes itself.
  -->
  <b:bean id="oauth2ClientContextFilter"
          class="org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter"/>

  <!--
    OAuth2 login filter bound to /authLogin; it obtains the access token
    through facebookRestTemplate.
    NOTE(review): no tokenServices property is set on this bean in the listing;
    verify how the access token is turned into an Authentication.
  -->
  <b:bean id="oAuth2AuthenticationProcessingFilter"
          class="org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter">
    <b:constructor-arg name="defaultFilterProcessesUrl" value="/authLogin"/>
    <b:property name="restTemplate" ref="facebookRestTemplate"/>
  </b:bean>

  <!--
    Details of the protected resource (authorization-code grant). Client id,
    client secret, endpoints, redirect URI, token name and scope all come from
    application.properties.
    NOTE(review): clientSecret is read from that properties file, so the file
    should be kept out of version control and readable only by the application.
    NOTE(review): authenticationScheme="query" sends the access token as a URL
    query parameter, where it can end up in access logs, proxies and browser
    history; prefer the header scheme if the provider accepts it.
    useCurrentUri="false" together with preEstablishedRedirectUri pins the
    redirect URI to the configured value instead of deriving it from the
    current request.
  -->
  <b:bean id="facebook"
          class="org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails">
    <b:property name="grantType" value="authorization_code"/>
    <b:property name="clientId" value="${oauth.client.id}"/>
    <b:property name="clientSecret" value="${oauth.client.secret}"/>
    <b:property name="authenticationScheme" value="query"/>
    <b:property name="accessTokenUri" value="${oauth.accessTokenUri}"/>
    <b:property name="userAuthorizationUri" value="${oauth.userAuthorizationUri}"/>
    <b:property name="useCurrentUri" value="false"/>
    <b:property name="preEstablishedRedirectUri" value="${oauth.redirect.url}"/>
    <b:property name="tokenName" value="${oauth.tokenName}"/>
    <b:property name="scope" value="${oauth.authScope}"/>
    <b:property name="clientAuthenticationScheme" value="form"/>
  </b:bean>

  <!--
    Session-scoped REST template (exposed through a scoped proxy) for calls to
    the "facebook" resource.
    NOTE(review): the template is built from the resource alone, with no client
    context passed in. Presumably the callback's code parameter never reaches
    it, which would match the stack trace going through obtainAuthorizationCode
    again after the redirect; confirm against the library version in use.
  -->
  <b:bean id="facebookRestTemplate"
          class="org.springframework.security.oauth2.client.OAuth2RestTemplate"
          scope="session">
    <aop:scoped-proxy/>
    <b:constructor-arg name="resource" ref="facebook"/>
    <b:property name="messageConverters">
      <b:list>
        <!-- JSON converter registered for both text/javascript and application/json. -->
        <b:bean class="org.springframework.http.converter.json.MappingJacksonHttpMessageConverter">
          <b:property name="supportedMediaTypes">
            <b:list>
              <b:bean class="org.springframework.http.MediaType">
                <!--facebook sends its json as text/javascript for some reason -->
                <b:constructor-arg value="text" />
                <b:constructor-arg value="javascript" />
              </b:bean>
              <b:bean class="org.springframework.http.MediaType">
                <b:constructor-arg value="application" />
                <b:constructor-arg value="json" />
              </b:bean>
            </b:list>
          </b:property>
        </b:bean>
      </b:list>
    </b:property>
  </b:bean>

</b:beans>

堆棧跟蹤

org.springframework.security.oauth2.client.resource.UserApprovalRequiredException 
 
\t at org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.getUserApprovalSignal(AuthorizationCodeAccessTokenProvider.java:376) 
 
\t at org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.obtainAuthorizationCode(AuthorizationCodeAccessTokenProvider.java:161) 
 
\t at org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.obtainAccessToken(AuthorizationCodeAccessTokenProvider.java:207) 
 
\t at org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainNewAccessTokenInternal(AccessTokenProviderChain.java:148) 
 
\t at org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainAccessToken(AccessTokenProviderChain.java:121) 
 
\t at org.springframework.security.oauth2.client.OAuth2RestTemplate.acquireAccessToken(OAuth2RestTemplate.java:221) 
 
\t at org.springframework.security.oauth2.client.OAuth2RestTemplate.getAccessToken(OAuth2RestTemplate.java:173) 
 
\t at org.springframework.security.oauth2.client.OAuth2RestTemplate$$FastClassBySpringCGLIB$$ca6dc720.invoke(<generated>) 
 
\t at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) 
 
\t at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:708) 
 
\t at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) 
 
\t at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) 
 
\t at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) 
 
\t at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) 
 
\t at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:644) 
 
\t at org.springframework.security.oauth2.client.OAuth2RestTemplate$$EnhancerBySpringCGLIB$$3a151063.getAccessToken(<generated>) 
 
\t at org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter.attemptAuthentication(OAuth2ClientAuthenticationProcessingFilter.java:105) 
 
\t at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:211) 
 
\t at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
 
\t at org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter.doFilter(OAuth2ClientContextFilter.java:60) 
 
\t at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
 
\t at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113) 
 
\t at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
 
\t at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103) 
 
\t at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
 
\t at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:154) 
 
\t at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
 
\t at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45) 
 
\t at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
 
\t at org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.doFilter(DefaultLoginPageGeneratingFilter.java:155) 
 
\t at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
 
\t at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199) 
 
\t at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
 
\t at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50) 
 
\t at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) 
 
\t at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
 
\t at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) 
 
\t at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
 
\t at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) 
 
\t at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) 
 
\t at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344) 
 
\t at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261) 
 
\t at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) 
 
\t at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) 
 
\t at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) 
 
\t at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) 
 
\t at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) 
 
\t at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) 
 
\t at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100) 
 
\t at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953) 
 
\t at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) 
 
\t at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408) 
 
\t at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1041) 
 
\t at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:603) 
 
\t at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:312) 
 
\t at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
 
\t at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
 
\t at java.lang.Thread.run(Thread.java:745)

回答


我把 oauth2ClientContextFilter 的 bean 定義換成 Spring OAuth2 xsd 中定義的 <oauth:client> 元素,從而解決了這個問題。我最終還改用 <oauth:resource> 和 <oauth:rest-template>,以確保 Spring 使用適當的作用域(會話、請求等)自動配置這些 bean。這樣,恰當的上下文數據就能如預期般通過過濾器鏈傳遞。
