0
移动移动到基于Java config认证无法通过身份验证的步骤 可能有人解释后,如何实现的AuthenticationManager?春天AUTH - 从XML到Java配置
现在我得到
{
"error": "unauthorized",
"error_description": "Full authentication is required to access this resource"
}
这里试图获取令牌回购https://github.com/mikesockor/SOFqstn
@SpringBootApplication
@EnableResourceServer
@EnableDiscoveryClient
//@ImportResource({"classpath*:spring-security-oauth2.xml"})
如何实现这一点?
<sec:http pattern="/oauth/token" create-session="stateless" authentication-manager-ref="authenticationManager" >
<sec:intercept-url pattern="/oauth/token" />
<sec:anonymous enabled="true" />
<sec:http-basic entry-point-ref="clientAuthenticationEntryPoint" />
<sec:custom-filter ref="clientCredentialsTokenEndpointFilter" after="BASIC_AUTH_FILTER" />
<sec:access-denied-handler ref="oauthAccessDeniedHandler" />
</sec:http>
<sec:http auto-config="true" pattern="/oauth/check_token" create-session="stateless" authentication-manager-ref="authenticationManager">
<sec:intercept-url pattern="/oauth/check_token" access="IS_AUTHENTICATED_FULLY" />
<sec:anonymous enabled="false"/>
<sec:http-basic entry-point-ref="clientAuthenticationEntryPoint" />
</sec:http>
<sec:http pattern="/**" create-session="stateless" entry-point-ref="oauthAuthenticationEntryPoint"
access-decision-manager-ref="accessDecisionManager" >
<sec:anonymous enabled="false" />
<sec:intercept-url pattern="/**" />
<sec:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<sec:access-denied-handler ref="oauthAccessDeniedHandler" />
</sec:http>
另外,如果我会尽量
#security.basic.enabled=false
security.ignored=/**
越来越
{
"timestamp": 1491919124442,
"status": 405,
"error": "Method Not Allowed",
"exception": "org.springframework.web.HttpRequestMethodNotSupportedException",
"message": "Request method 'POST' not supported",
"path": "/oauth/token"
}