Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/spring-boot/5.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Spring boot org.springframework.security.access.AccessDeniedException:访问被拒绝_Spring Boot_Spring Security Oauth2 - Fatal编程技术网
Fatal编程技术网
  • spring-boot/
  • Spring boot org.springframework.security.access.AccessDeniedException:访问被拒绝

Spring boot org.springframework.security.access.AccessDeniedException:访问被拒绝

spring-boot

Spring boot org.springframework.security.access.AccessDeniedException:访问被拒绝,spring-boot,spring-security-oauth2,Spring Boot,Spring Security Oauth2,我正试图在我的spring boot rest服务器中实现OAuth configuration\AuthorizationServerConfig.java 包com.vcomm.server.configuration; 导入com.vcomm.server.service.util.CustomAuthenticationKeyGenerator; 导入org.springframework.beans.factory.annotation.Autowired; 导入org.springf

我正试图在我的spring boot rest服务器中实现OAuth

configuration\AuthorizationServerConfig.java

包com.vcomm.server.configuration;
导入com.vcomm.server.service.util.CustomAuthenticationKeyGenerator;
导入org.springframework.beans.factory.annotation.Autowired;
导入org.springframework.context.annotation.Bean;
导入org.springframework.context.annotation.Configuration;
导入org.springframework.context.annotation.Primary;
导入org.springframework.context.event.EventListener;
导入org.springframework.security.authentication.AuthenticationManager;
导入org.springframework.security.authentication.event.AuthenticationSuccessEvent;
导入org.springframework.security.core.userdetails.userdetails服务;
导入org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
导入org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
导入org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
导入org.springframework.security.oauth2.config.annotation.web.configurers.authorizationServerEndpointsConfiger;
导入org.springframework.security.oauth2.config.annotation.web.configurers.authorizationServerSecurityConfiger;
导入org.springframework.security.oauth2.provider.token.DefaultTokenServices;
导入org.springframework.security.oauth2.provider.token.TokenStore;
导入org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
导入org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
导入javax.annotation.Resource;
导入javax.sql.DataSource;
@配置
@EnableAuthorizationServer
公共类AuthorizationServerConfig扩展AuthorizationServerConfigurerAdapter{
@资源(name=“roomUserDetailsService”)
用户详细信息服务用户详细信息服务;
@自动连线
私有数据源;
@豆子
公共令牌库令牌库(){
JdbcTokenStore tokenStore=新的JdbcTokenStore(数据源);
setAuthenticationKeyGenerator(新的CustomAuthenticationKeyGenerator());
返回代币店;
}
@豆子
公共JwtAccessTokenConverter accessTokenConverter(){
JwtAccessTokenConverter=新的JwtAccessTokenConverter();
转换器。设置点火键(“123”);
回流转换器;
}
@豆子
@初级的
公共DefaultTokenServices令牌服务(){
DefaultTokenServices DefaultTokenServices=新的DefaultTokenServices();
setTokenStore(tokenStore());
defaultTokenServices.setSupportRefreshToken(true);
defaultTokenServices.setAuthenticationManager(authenticationManager);
返回服务;
}
@凌驾
公共无效配置(ClientDetailsServiceConfigurer客户端)引发异常{
jdbc(数据源);
}
@自动连线
私人AuthenticationManager AuthenticationManager;
@凌驾
公共无效配置(授权服务器端点配置器端点){
端点
.pathMapping(“/oauth/authorize”,Constant.AUTH_V1+”/oauth/authorize”)
.pathMapping(“/oauth/check_token”,Constant.AUTH_V1+”/oauth/check_token”)
.pathMapping(“/oauth/confirm\u access”,Constant.AUTH\u V1+”/AUTH/V1/oauth/confirm\u access”)
.pathMapping(“/oauth/error”,Constant.AUTH_V1+”/oauth/error)
.pathMapping(“/oauth/token”,Constant.AUTH_V1+“/oauth/token”)
.pathMapping(“/oauth/token\u key”,Constant.AUTH\u V1+“/oauth/token\u key”)
.tokenStore(tokenStore())
.userDetailsService(userDetailsService)
.authenticationManager(authenticationManager);
}
@事件监听器
公共无效authSuccessEventListener(AuthenticationSuccessEvent authorizedEvent){
//在此处编写用于登录成功审核的自定义代码
System.out.println(“用户Oauth2登录成功”);
System.out.println(“这是成功事件:+authorizedEvent.getSource());
}
@凌驾
public void configure(AuthorizationServerSecurityConfigure oauthServer)引发异常{
oauthServer
.tokenKeyAccess(“permitAll()”)
.checkTokenAccess(“isAuthenticated()”);
oauthServer.AllowFormAuthenticationForClient();
}
}
配置\ResourceServerConfig.java

包com.vcomm.server.configuration;
导入org.springframework.beans.factory.annotation.Autowired;
导入org.springframework.context.annotation.Bean;
导入org.springframework.context.annotation.Configuration;
导入org.springframework.security.authentication.AuthenticationManager;
导入org.springframework.security.config.annotation.web.builders.HttpSecurity;
导入org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
导入org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
导入org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigure;
导入org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
导入org.springframework.security.oauth2.provider.token.DefaultTokenServices;
导入org.springframework.security.oauth2.provider.token.TokenStore;
@配置
@EnableResourceServer
公共类ResourceServerConfig扩展了ResourceServerConfigurerAdapter{
@凌驾
public void configure(HttpSecurity http)引发异常{
http
.antMatcher(“/api/**”)
.授权请求()
.anyRequest()
.authenticated()
.及()
.例外处理()
.accessDeniedHandler(新的OAuth2AccessDeniedHandler());
}
@自动连线
代币店代币店;
@凌驾
public void配置(ResourceServerSecurityConfigure配置){
config.tokenServices(tokenServicesResourceServer());
}
@自动连线
私人AuthenticationManager AuthenticationManager;
@豆子
public DefaultTokenServices tokenServicesResourceServer(){
诽谤

{
    "timestamp": 1582545217836,
    "status": 401,
    "error": "Unauthorized",
    "message": "Unauthorized",
    "path": "/auth/v1/oauth/authorize"
}



+-----------+--------------+---------------+-------+-------------------------------------------+-------------------------+-------------+-----------------------+------------------------+
| client_id | resource_ids | client_secret | scope | authorized_grant_types                    | web_server_redirect_uri | authorities | access_token_validity | refresh_token_validity |
+-----------+--------------+---------------+-------+-------------------------------------------+-------------------------+-------------+-----------------------+------------------------+
| clientapp | NULL         | secret        | read  | password,authorization_code,refresh_token | http://localhost:8081/  | room        |                 36000 |                  36000 |
+-----------+--------------+---------------+-------+-------------------------------------------+-------------------------+-------------+-----------------------+------------------------+