OAuth 2.0: How to implement OAuth2 two-legged, token-based security on Mule CE?


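I'm working with Mule CE and need to implement token-based security, preferably with OAuth2. I have configured the authorization server and I can see the default mappings in the log file, but when I send a message to "/oauth/token", nothing happens.

A similar OAuth2 configuration works fine on Spring/Tomcat when deployed to Tomcat as a standalone Spring web service application.

Here is my Mule configuration: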

<mule xmlns:mulexml="http://www.mulesoft.org/schema/mule/xml"
    xmlns:https="http://www.mulesoft.org/schema/mule/https" xmlns:jersey="http://www.mulesoft.org/schema/mule/jersey"
    xmlns:http="http://www.mulesoft.org/schema/mule/http" xmlns="http://www.mulesoft.org/schema/mule/core"
    xmlns:doc="http://www.mulesoft.org/schema/mule/documentation" xmlns:vm="http://www.mulesource.org/schema/mule/vm/2.0"
    xmlns:spring="http://www.springframework.org/schema/beans" version="CE-3.3.1"
    xmlns:mule-ss="http://www.mulesoft.org/schema/mule/spring-security"
    xmlns:mvc="http://www.springframework.org/schema/mvc"
    xmlns:context="http://www.springframework.org/schema/context" xmlns:ss="http://www.springframework.org/schema/security"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
    xmlns:pattern="http://www.mulesoft.org/schema/mule/pattern" xmlns:util="http://www.springframework.org/schema/util"
    xsi:schemaLocation="
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd 
http://www.mulesoft.org/schema/mule/xml http://www.mulesoft.org/schema/mule/xml/current/mule-xml.xsd 
http://www.mulesoft.org/schema/mule/xml 
http://www.mulesoft.org/schema/mule/xml/3.3/mule-xml.xsd
http://www.mulesoft.org/schema/mule/http 
http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd 
http://www.springframework.org/schema/beans 
http://www.springframework.org/schema/beans/spring-beans-current.xsd 
http://www.mulesoft.org/schema/mule/core 
http://www.mulesoft.org/schema/mule/core/current/mule.xsd 
http://www.mulesoft.org/schema/mule/https 
http://www.mulesoft.org/schema/mule/https/current/mule-https.xsd
http://www.mulesoft.org/schema/mule/jersey 
http://www.mulesoft.org/schema/mule/jersey/current/mule-jersey.xsd 
http://www.mulesoft.org/schema/mule/spring-security 
http://www.mulesoft.org/schema/mule/spring-security/3.3/mule-spring-security.xsd
http://www.springframework.org/schema/security/oauth2 
http://www.springframework.org/schema/security/spring-security-oauth2-1.0.xsd
http://www.springframework.org/schema/security 
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd
http://www.mulesoft.org/schema/mule/pattern 
http://www.mulesoft.org/schema/mule/pattern/3.3/mule-pattern.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/util 
http://www.springframework.org/schema/util/spring-util.xsd ">




    <mule-ss:security-manager>
        <mule-ss:delegate-security-provider
            name="memory-provider" delegate-ref="authenticationManager" />
    </mule-ss:security-manager>
    <spring:beans>
        <ss:authentication-manager alias="authenticationManager">
            <ss:authentication-provider ref="myAuthenticationProvider" />
        </ss:authentication-manager>
        <oauth:client-details-service id="clientDetailsService">
            <oauth:client client-id="admin"
                authorized-grant-types="password,authorization_code,refresh_token,implicit,client_credentials"
                authorities="ROLE_USER, ROLE_TRUSTED_CLIENT" scope="read,write,trust"
                access-token-validity="60" />
        </oauth:client-details-service>
        <oauth:authorization-server
            client-details-service-ref="clientDetailsService" token-services-ref="tokenServices">
            <oauth:authorization-code />
            <oauth:implicit />
            <oauth:refresh-token />
            <oauth:client-credentials />
            <oauth:password />
        </oauth:authorization-server>
    </spring:beans>

    <spring:beans>

        <mvc:annotation-driven />
        <spring:bean id="myAuthenticationProvider"
            class="com.sachin.tech.security.MyUserAuthenticationProvider" />

        <spring:bean id="oauthAuthenticationEntryPoint"
            class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
            <spring:property name="realmName" value="myCustomerAppRealm" />
        </spring:bean>

        <spring:bean id="oauth2AccessDeniedHandler"
            class="org.springframework.security.web.access.AccessDeniedHandlerImpl" />

        <spring:bean id="clientCredentialsTokenEndpointFilter"
            class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
            <spring:property name="authenticationManager" ref="authenticationManager" />
        </spring:bean>

        <spring:bean id="tokenStore"
            class="org.springframework.security.oauth2.provider.token.InMemoryTokenStore" />

        <spring:bean id="tokenServices"
            class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
            <spring:property name="tokenStore" ref="tokenStore" />
            <spring:property name="supportRefreshToken" value="true" />
            <spring:property name="accessTokenValiditySeconds"
                value="60" />
        </spring:bean>

    </spring:beans>

    <flow name="wsauthentication_2" doc:name="wsauthentication_2">
        <http:inbound-endpoint exchange-pattern="request-response"
            host="localhost" port="8098" doc:name="MyHTTPInbound2_2"
            doc:description="wsauthentication_2 Desc">
        </http:inbound-endpoint>
        <echo-component doc:name="Echo" />
    </flow>

</mule>

The mappings in the log look fine:

13:48:01,789 DEBUG FrameworkEndpointHandlerMapping:125 - Looking for request mappings in application context: org.mule.config.spring.MuleApplicationContext@7fe3a7ec: startup date [Tue Apr 23 13:47:56 IST 2013]; root of context hierarchy
13:48:01,836  INFO FrameworkEndpointHandlerMapping:197 - Mapped "{[/oauth/error],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelApprovalEndpoint.handleError(javax.servlet.http.HttpServletRequest)
13:48:01,836  INFO FrameworkEndpointHandlerMapping:197 - Mapped "{[/oauth/confirm_access],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelApprovalEndpoint.getAccessConfirmation(java.util.Map<java.lang.String, java.lang.Object>) throws java.lang.Exception
13:48:01,851  INFO FrameworkEndpointHandlerMapping:197 - Mapped "{[/oauth/authorize],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.authorize(java.util.Map<java.lang.String, java.lang.Object>,java.lang.String,java.util.Map<java.lang.String, java.lang.String>,org.springframework.web.bind.support.SessionStatus,java.security.Principal)
13:48:01,851  INFO FrameworkEndpointHandlerMapping:197 - Mapped "{[/oauth/authorize],methods=[POST],params=[user_oauth_approval],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.View org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.approveOrDeny(java.util.Map<java.lang.String, java.lang.String>,java.util.Map<java.lang.String, ?>,org.springframework.web.bind.support.SessionStatus,java.security.Principal)
13:48:01,851  INFO FrameworkEndpointHandlerMapping:197 - Mapped "{[/oauth/token],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.http.ResponseEntity<org.springframework.security.oauth2.common.OAuth2AccessToken> org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.getAccessToken(java.security.Principal,java.lang.String,java.util.Map<java.lang.String, java.lang.String>)

Please help.

I don't think Spring OAuth can actually work outside of a Java web container.

For Mule EE, you can use


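For Mule CE, you can try running an embedded Jetty container and using Mule's Servlet endpoints behind it. This would provide an environment in which Spring OAuth can work. For inspiration, see the bookstore example that ships with the Mule distribution.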

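What do you mean by "a similar configuration works fine on Mule (on Tomcat/Spring)"? If this works on Mule, then where is the problem?

Sorry for the confusion. I meant that a similar configuration works fine on Tomcat/Spring. If Mule EE can use OAuth2, we should also be able to do it with CE by writing some code. I'm not looking for a Spring-specific implementation. Any OAuth2 server implementation library will do. OAuth2 server libraries for Java: Apache Amber (draft 22), Spring Security for OAuth API Authorization Server (v2-31), Restlet Framework (draft 30), Apache CXF.

You can certainly use one of these libraries to handle OAuth2 requests arriving at a custom HTTP inbound endpoint. What Enterprise Security does is configure the OAuth2 provider automatically, so that you don't need to manually create flows, inbound endpoints, wire up the OAuth2 handler, and so on.

I'm working with CE, so I don't have the Enterprise Security features. I'm using Apache CXF now. If you have experience implementing two-legged security with CXF on Mule, please let me know.

No problem. Thanks for your help.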
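
The servlet-container wiring the answer refers to, as an added example that is not part of the original thread: a minimal `web.xml` of the kind a Tomcat or embedded Jetty deployment uses, so that a request to `/oauth/token` passes through Spring Security's filter chain and then a `DispatcherServlet`. The context file path and the servlet name are assumptions, and the root context is assumed to also define the `<ss:http>` rules that create the `springSecurityFilterChain` bean.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example: servlet descriptor for a container-hosted Spring Security OAuth
     authorization server. File path and servlet name are assumptions. -->
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
                             http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
         version="3.0">

    <!-- Root context: <oauth:authorization-server>, client details, token services
         and the <ss:http> security rules are loaded from here (assumed path). -->
    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/oauth-context.xml</param-value>
    </context-param>
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <!-- Servlet filter chain. ClientCredentialsTokenEndpointFilter is a servlet
         filter: the client is authenticated here, before TokenEndpoint runs. -->
    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <!-- DispatcherServlet: the component that consults FrameworkEndpointHandlerMapping
         and invokes TokenEndpoint. An empty contextConfigLocation makes it reuse the
         handler mappings registered in the root context. -->
    <servlet>
        <servlet-name>oauth</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value></param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>oauth</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>
</web-app>
```

The "Mapped ... onto ..." log lines only show that the handler mapping bean was created. Neither the filter chain nor the `DispatcherServlet` above sits behind the plain `http:inbound-endpoint` in the posted Mule flow, so nothing dispatches a request to `TokenEndpoint`.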