Java 403在spring oauth中访问/oauth/token时禁止
我正在尝试实现SpringOAuth2.0,我得到了403禁止的错误 Spring-security.xmlJava 403在spring oauth中访问/oauth/token时禁止,java,spring,spring-mvc,oauth,spring-security,Java,Spring,Spring Mvc,Oauth,Spring Security,我正在尝试实现SpringOAuth2.0,我得到了403禁止的错误 Spring-security.xml <?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="ht
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security/oauth2
http://www.springframework.org/schema/security/spring-security-oauth2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<!-- Stateless RESTful services use BASIC authentication -->
<security:http use-expressions="true" auto-config='true' create-session="stateless" authentication-manager-ref="authenticationManager">
<security:intercept-url pattern="/oauth/**" access="isAnonymous()"/>
<security:intercept-url pattern="/rest/**" />
<security:http-basic/>
<access-denied-handler ref="oauthAccessDeniedHandler"/>
</security:http>
<oauth:authorization-server client-details-service-ref="client-details-service" token-services-ref="tokenServices">
<oauth:authorization-code />
<oauth:implicit />
<oauth:refresh-token />
<oauth:client-credentials />
<oauth:password authentication-manager-ref="authenticationOauthManager"/>
</oauth:authorization-server>
<beans:bean id="clientCredentialsTokenEndpointFilter"
class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
<beans:property name="authenticationManager" ref="authenticationManager"/>
</beans:bean>
<beans:bean id="jdbcDaoImpl" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
<beans:property name="enableGroups" value="true" />
<beans:property name="enableAuthorities" value="false" />
<beans:property name="dataSource" ref="dataSource" />
</beans:bean>
<!-- Oauth Client Verification Configuration -->
<oauth:client-details-service id="client-details-service">
<!-- Web Application clients -->
<oauth:client
client-id="NofaAdmin"
secret="655f523128212d6e70634446224c2a48"
authorized-grant-types="password,refresh_token,authorization_code"
access-token-validity="5184000"
refresh-token-validity="5184000"
/>
</oauth:client-details-service>
<beans:bean id="clientAuthenticationEntryPoint"
class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
<beans:property name="typeName" value="Basic"/>
</beans:bean>
<beans:bean id="oauthAccessDeniedHandler"
class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler"/>
<!-- Token Generation -->
<beans:bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
<beans:property name="tokenStore" ref="tokenStore"/>
<beans:property name="supportRefreshToken" value="true"/>
<beans:property name="clientDetailsService" ref="client-details-service"/>
</beans:bean>
<security:authentication-manager alias="authenticationOauthManager">
<security:authentication-provider>
<security:user-service>
<security:user name="admin" password="password" authorities="ROLE_USER" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
<!-- Storing Generated Tokens In Database
--> <!-- <beans:bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.JdbcTokenStore">
<beans:constructor-arg ref="dataSource" />
</beans:bean> -->
<beans:bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore"/>
<oauth:resource-server id="resourceServerFilter" token-services-ref="tokenServices"/>
<!-- Security JDBC Authentication Manager -->
<security:authentication-manager alias="authenticationManager" xmlns="http://www.springframework.org/schema/security">
<security:authentication-provider>
<security:jdbc-user-service data-source-ref="dataSource"
users-by-username-query=
"select email,password,1 from USER where email=?"
authorities-by-username-query=
"select * from ROLE r INNER JOIN (select * from USER u INNER JOIN ROLE_USER ru on u.ID=ru.USER_ID where u.email=? limit 1) roleobj on roleobj.ROLE_ID=r.ID"/>
</security:authentication-provider>
</security:authentication-manager>
</beans:beans>
<!-- <security:global-method-security jsr250-annotations="enabled" access-decision-manager-ref="accessDecisionManager"/>
<beans:bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
<beans:property name="decisionVoters">
<beans:list>
<beans:bean class="org.springframework.security.access.annotation.Jsr250Voter"/>
</beans:list>
</beans:property>
</beans:bean> -->
Application Context.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd">
<beans default-autowire="byName">
<!--
<bean id="entityManagerFactory"
class="org.springframework.orm.jpa.LocalEntityManagerFactoryBean">
<property name="persistenceUnitName" value="m2m"/>
</bean>
-->
<bean id="currencyRateService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/CurrencyRateService/remote" />
</bean>
<bean id="reportService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/ReportService/remote" />
</bean>
<bean id="invoiceService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/InvoiceService/remote" />
</bean>
<bean id="entercarduserService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/EnterCardUserService/remote" />
</bean>
<bean id="userService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/UserService/remote" />
</bean>
<bean id="userLoginStatusService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/UserLoginStatusService/remote" />
</bean>
<!-- <bean id="campaignService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/CampaignService/remote" />
</bean> -->
<bean id="rewardService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/RewardService/remote" />
</bean>
<bean id="partnerService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/PartnerService/remote" />
</bean>
<bean id="socialService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/SocialService/remote" />
</bean>
<bean id="activityService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/ActivityService/remote" />
</bean>
<bean id="constantService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/ConstantService/remote" />
</bean>
<bean id="regionService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/RegionService/remote" />
</bean>
<!-- <bean id="verificationService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName"
value="m2m/VerificationService/remote" />
</bean> -->
<bean id="trophyService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/TrophyService/remote" />
</bean>
<bean id="contentService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/ContentService/remote" />
</bean>
<bean id="templateService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/TemplateService/remote" />
</bean>
<bean id="partnerUISettingService"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="m2m/PartnerUISettingService/remote" />
</bean>
<bean id="dataSource"
class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="java:/M2MDS" />
</bean>
<!-- Cache -->
<!-- <bean id="cacheManager" class="net.sf.ehcache.CacheManager" factory-method="getInstance" /> -->
<bean id="cacheManager"
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
<property name="configLocation" value="classpath:ehcache.xml" />
</bean>
<bean id="sessionCache"
class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager" ref="cacheManager" />
<property name="cacheName" value="m2msession" />
</bean>
<bean id="applicationCache"
class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager" ref="cacheManager" />
<property name="cacheName" value="m2mapplication" />
</bean>
<bean id="contextCache"
class="com.sinarotech.m2m.web.cache.EhcacheContextCache">
<property name="sessionCache" ref="sessionCache" />
<property name="applicationCache" ref="applicationCache" />
</bean>
<!-- Utils -->
<bean id="contactImporter"
class="com.sinarotech.m2m.contact.OZContactImporter" />
<bean id="helperUtils"
class="com.sinarotech.m2m.web.util.HelperUtils">
<property name="userService" ref="userService" />
<property name="constantService" ref="constantService" />
<property name="rewardService" ref="rewardService" />
</bean>
<bean id="pecuniosusManager"
class="com.sinarotech.m2m.service.PecuniosusManager"
factory-method="getInstance" />
<bean id="config" class="com.sinarotech.m2m.util.Configuration"
factory-method="getInstance" />
<bean id="tipsFactory"
class="com.sinarotech.m2m.web.util.TipsFactory">
<constructor-arg type="java.lang.String" value="tips.drl" />
<property name="config" ref="config" />
</bean>
<bean id="affiliateHandlerFactory"
class="com.sinarotech.m2m.affiliate.AffiliateHandlerFactory"
factory-method="getInstance" />
<bean id="twitterHandler"
class="com.sinarotech.m2m.twitter.AtomTwitterHandler" />
<bean id="bankManager"
class="com.sinarotech.m2m.service.BankManager"
factory-method="getInstance" />
<bean id="exchangeManager"
class="com.sinarotech.m2m.web.util.ExchangeManager">
<constructor-arg value="exchange.properties" />
<property name="userService" ref="userService" />
<property name="contextCache" ref="contextCache" />
</bean>
<bean
class="org.springframework.web.servlet.handler.BeanNameUrlHandlerMapping"/>
<bean id="supportProvider"
class="com.sinarotech.m2m.support.HelpspotSupportProvider" />
<bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter">
<property name="messageConverters">
<list>
<bean class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter"/>
<bean class="org.springframework.http.converter.ByteArrayHttpMessageConverter"/>
<bean class="org.springframework.http.converter.xml.SourceHttpMessageConverter"/>
<bean class="org.springframework.http.converter.FormHttpMessageConverter"/>
<bean class="org.springframework.http.converter.StringHttpMessageConverter"/>
</list>
</property>
</bean>
</beans>
</beans>
我的代码中没有任何异常。有人能指出配置部分的错误吗?我正在尝试将Spring Security Oauth集成到Struts应用程序中
谢谢您是否可以在Log4j或类似的日志中打开调试日志记录,当您尝试访问令牌时,您将在日志中看到一些信息,并将其作为stacktrace发布在主帖子中。无法用您提供的信息回答。很可能您没有发送正确的HTTP请求。