Java Spring Security oauth2重定向到登录
试图将Okta集成到我的SpringWebMVC应用程序中。因为我没有使用Spring Boot,所以我不得不遵循下面链接中的示例: 这就是我所拥有的:Java Spring Security oauth2重定向到登录,java,spring,spring-security,oauth-2.0,okta,Java,Spring,Spring Security,Oauth 2.0,Okta,试图将Okta集成到我的SpringWebMVC应用程序中。因为我没有使用Spring Boot,所以我不得不遵循下面链接中的示例: 这就是我所拥有的: @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Value("#{environment['okta.client-id']}") private String clientId; @Value
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Value("#{environment['okta.client-id']}")
private String clientId;
@Value("#{environment['okta.client-secret']}")
private String clientSecret;
@Value("#{environment['okta.redirect-uri']}")
private String redirectUri;
@Value("#{environment['okta.authorization-uri']}")
private String authorizationUri;
@Value("#{environment['okta.token-uri']}")
private String tokenUri;
@Value("#{environment['okta.user-info-uri']}")
private String userInfoUri;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.oauth2Login()
.clients(clientRegistrationRepository())
.userInfoEndpoint()
.userInfoTypeConverter(
new UserInfoConverter(),
new URI(userInfoUri));
}
@Bean
public ClientRegistrationRepository clientRegistrationRepository() {
List<ClientRegistration> clientRegistrations = Collections.singletonList(clientRegistration());
return new InMemoryClientRegistrationRepository(clientRegistrations);
}
private ClientRegistration clientRegistration() {
return new ClientRegistration.Builder(clientId)
.clientSecret(clientSecret)
.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
.authorizedGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.redirectUri(redirectUri)
.scopes("openid", "email", "profile")
.authorizationUri(authorizationUri)
.tokenUri(tokenUri)
.userInfoUri(userInfoUri)
.clientName("Okta")
.clientAlias("okta")
.build();
}
}
@EnableWebSecurity
公共类SecurityConfig扩展了WebSecurity配置适配器{
@值(“#{environment['okta.client id']}”)
私有字符串clientId;
@值(“#{environment['okta.client secret']}”)
私有字符串clientSecret;
@值(“#{environment['okta.redirect uri']}”)
私有字符串重定向URI;
@值(“#{environment['okta.authorization uri']}”)
私有字符串授权URI;
@值(“#{environment['okta.token uri']}”)
私有字符串标记URI;
@值(“#{environment['okta.user info uri']}”)
私有字符串userInfoUri;
@凌驾
受保护的无效配置(HttpSecurity http)引发异常{
http
.授权请求()
.anyRequest().authenticated()
.及()
.oauth2Login()
.clients(clientRegistrationRepository())
.userInfoEndpoint()
.userInfoTypeConverter(
新建UserInfoConverter(),
新URI(userInfoUri));
}
@豆子
公共ClientRegistrationRepository ClientRegistrationRepository(){
List clientRegistration=Collections.singletonList(clientRegistration());
返回新的InMemoryClientRegistrationRepository(clientRegistrations);
}
私人客户端注册客户端注册(){
返回新的ClientRegistration.Builder(clientId)
.clientSecret(clientSecret)
.clientAuthenticationMethod(clientAuthenticationMethod.BASIC)
.authorizedGrantType(AuthorizationGrantType.AUTHORIZATION_代码)
.redirectUri(redirectUri)
.scopes(“openid”、“电子邮件”、“配置文件”)
.authorizationUri(authorizationUri)
.tokenUri(tokenUri)
.userInfoUri(userInfoUri)
.客户名称(“Okta”)
.clientAlias(“okta”)
.build();
}
}
但是,一旦我使用Okta成功登录,它就会将我重定向回登录页面:()。单击Okta按钮再次登录也会将我重定向到同一页面
任何建议都会很有帮助。很明显,您的应用程序没有发现您登录的问题,很可能是一些配置问题。我会检查一个spring安全配置类中是否有任何日志记录程序,并为其打开调试日志记录those@Zilvinas如果我的应用程序认为我没有登录,为什么它不会将我重定向回Okta的登录页面呢;像打字错误或smthI一样,我已经能够通过复制示例代码并在
application.properties
中指定我的Okta设置来使用Okta。你试过那种方法吗?似乎在您的项目中需要几个自动配置类才能正常工作。