大佬教程收集整理的这篇文章主要介绍了Spring Boot + Spring OAuth Java配置,大佬教程大佬觉得挺不错的,现在分享给大家,也给大家做个参考。
为了将Spring Security与Java Config结合使用,您必须在内部具有这样的SecurityConfig文件(摘自http://projects.spring.io/spring- security-oauth/docs/oauth2.HTML)
@OverrIDe
protected voID configure(httpSecurity http) throws Exception {
http
.authorizerequests().antMatchers("/login").permitAll().and()
// default protection for all resources (including /oauth/authorizE)
.authorizerequests()
.anyrequest().hasRole("USER")
// ... more configuration, e.g. for form login
}
您还可以在该位置使用 http.addFilterafter(oAuthConsumerContextFilter(),
AnonymousAuthenticationFilter.class);
您的代码的问题在于,在创建Authetication之前正在执行过滤器。
所以我猜两个过滤器都应该至少在AnonymousAuthenticationFilter.class之后
您可以在此处找到过滤器列表:http ://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity- single.html#filter-stack
这为我工作:
http
.addFilterafter(oAuthConsumerContextFilter(), SwitchUserFilter.class)
.addFilterafter(oAuthConsumerProcessingFilter(), OAuthConsumerContextFilter.class)
我试图在简单的Spring Boot + Spring OAuth应用程序上获得OAuth 1(3条腿),仅作为消费者。
我一直在尝试将tonr示例移植到spring-security-oauth存储库(https://github.com/spring-
projects/spring-security-oauth)上,以使用Java配置而不是XML。
但是,我得到:
java.lang.NullPointerException: null
at org.springframework.security.oauth.consumer.filter.oAuthConsumerProcessingFilter.doFilter(OAuthConsumerProcessingFilter.java:87)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.springframework.boot.actuate.trace.WebrequestTraceFilter.doFilterInternal(WebrequestTraceFilter.java:102)
at org.springframework.web.filter.oncePerrequestFilter.doFilter(OncePerrequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at org.springframework.web.filter.oncePerrequestFilter.doFilter(OncePerrequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.springframework.boot.actuate.autoconfigure.MetricFilterAutoConfiguration$MetricsFilter.doFilterInternal(MetricFilterAutoConfiguration.java:90)
at org.springframework.web.filter.oncePerrequestFilter.doFilter(OncePerrequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.core.StandardENGIneValve.invoke(StandardENGIneValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:516)
at org.apache.coyote.http11.Abstracthttp11Processor.process(Abstracthttp11Processor.java:1086)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:659)
at org.apache.coyote.http11.http11NioProtocol$http11ConnectionHandler.process(http11NioProtocol.java:223)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1558)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1515)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
&Hellip;可能是因为OAuthConsumerContextFilter设置不正确。
我尝试<oauth:consumer>如下配置零件:
@Bean
public OAuthConsumerProcessingFilter oAuthConsumerProcessingFilter()
{
OAuthConsumerProcessingFilter result = new OAuthConsumerProcessingFilter();
result.setProtectedresourceDetailsservice(protectedresourceDetailsservice());
final LinkedHashMap<requestMatcher,Collection<ConfigAttribute>> map = new LinkedHashMap<>();
map.put(new RegexrequestMatcher("/sparklr/*",null),Collections.singletonList(ConsumerSecurityConfig.PERMIT_all_ATTRIBUTE));
result.setObjectDefinitionsource(new DefaultFilterInvocationSecuritymetadatasource(map));
return result;
}
@Bean
public ProtectedresourceDetailsservice protectedresourceDetailsservice()
{
return (String id) -> {
switch (id) {
case "sparklrPhotos":
sparklrProtectedresourceDetails();
break;
}
throw new RuntimeException("Error");
};
}
@Bean
public OAuthConsumerContextFilter oAuthConsumerContextFilter() {
final CoreOAuthConsumerSupport consumerSupport = new CoreOAuthConsumerSupport();
consumerSupport.setProtectedresourceDetailsservice(protectedresourceDetailsservice());
final OAuthConsumerContextFilter filter = new OAuthConsumerContextFilter();
filter.setConsumerSupport(consumerSupport);
return filter;
}
&Hellip;但显然缺少某些东西。我什至一直删除了,switch并始终返回相同的受保护资源详细信息,但这并没有改变我没有上下文的事实。
我应该怎么做才能使这项工作?让我知道是否需要显示代码的其他部分。
更新:我添加了Consumer Context过滤器,但是我认为它没有被应用,因为我得到了同样的错误
以上是大佬教程为你收集整理的Spring Boot + Spring OAuth Java配置全部内容,希望文章能够帮你解决Spring Boot + Spring OAuth Java配置所遇到的程序开发问题。
如果觉得大佬教程网站内容还不错,欢迎将大佬教程推荐给程序员好友。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。