Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/spring/14.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
spring oauth2令牌处理错误_Spring_Security_Oauth - Fatal编程技术网
Fatal编程技术网
  • spring/
  • spring oauth2令牌处理错误

spring oauth2令牌处理错误

spring security oauth

spring oauth2令牌处理错误,spring,security,oauth,Spring,Security,Oauth,目前,我使用SpringMVCAuth2来保护我的web应用程序 我试着做curl-X POST“ 我得到了答复。 {“error”:“unauthorized”,“error_description”:“没有客户端身份验证。请尝试添加适当的身份验证筛选器。”} 然后我检查了TokenEndpoint.java的代码,它显示主体为null 异常正在处理错误:InsufficientAuthenticationException,没有客户端身份验证。尝试添加适当的身份验证筛选器 下面是spring

目前,我使用SpringMVCAuth2来保护我的web应用程序

我试着做curl-X POST“

我得到了答复。 {“error”:“unauthorized”,“error_description”:“没有客户端身份验证。请尝试添加适当的身份验证筛选器。”}

然后我检查了TokenEndpoint.java的代码,它显示主体为null

异常正在处理错误:InsufficientAuthenticationException,没有客户端身份验证。尝试添加适当的身份验证筛选器

下面是spring-security.xml

<?xml version="1.0" encoding="UTF-8" ?>
<beans xmlns="http://www.springframework.org/schema/beans"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"       xmlns:oauth2="http://www.springframework.org/schema/security/oauth2"
xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd http://www.springframework.org/schema/security/oauth2  http://www.springframework.org/schema/security/spring-security-oauth2.xsd">

<bean id="tokenStore"
    class="org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore" />
<bean id="tokenServices"
    class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
    <property name="tokenStore" ref="tokenStore" />
    <property name="supportRefreshToken" value="true" />
</bean>
<bean id="clientAuthenticationEntryPoint"
    class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint" />
<bean id="accessDeniedHandler"
    class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
<bean id="userApprovalHandler"
    class="org.springframework.security.oauth2.provider.approval.DefaultUserApprovalHandler" />

<!--client -->
<bean id="clientDetailsService" class="oauth2.CustomJdbcClientDetailsService">
    <constructor-arg index="0" ref="dataSource" />
</bean>
<bean id="clientDetailsUserDetailsService"
    class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
    <constructor-arg ref="clientDetailsService" />
</bean>
<bean id="clientCredentialsTokenEndpointFilter"
    class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
    <property name="authenticationManager" ref="clientAuthenticationManager" />
</bean>
<security:authentication-manager id="clientAuthenticationManager">
    <security:authentication-provider
        user-service-ref="clientDetailsUserDetailsService" />
</security:authentication-manager>
<oauth2:authorization-server
    client-details-service-ref="clientDetailsService" token-services-ref="tokenServices"
    user-approval-handler-ref="userApprovalHandler">
    <oauth2:authorization-code />
    <oauth2:implicit />
    <oauth2:refresh-token />
    <oauth2:client-credentials />
    <oauth2:password />
</oauth2:authorization-server>
<security:http pattern="/oauth/token" create-session="stateless">
    <security:anonymous enabled="false" />
    <security:http-basic entry-point-ref="clientAuthenticationEntryPoint" />
    <security:custom-filter ref="clientCredentialsTokenEndpointFilter"
        before="BASIC_AUTH_FILTER" />
    <security:access-denied-handler ref="accessDeniedHandler" />
</security:http>
<!--client -->

<!--user -->
<bean id="userService" class="services.UserServicesImpl" />
<security:authentication-manager alias="authenticationManager">
    <security:authentication-provider
        user-service-ref="userService">
        <!--<security:password-encoder hash="md5"/> -->
    </security:authentication-provider>
</security:authentication-manager>
<!--user -->

<oauth2:resource-server id="mobileResourceServer"
    resource-id="mobile-resource" token-services-ref="tokenServices" />
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
    <constructor-arg>
        <list>
            <bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
            <bean class="org.springframework.security.access.vote.RoleVoter" />
            <bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
        </list>
    </constructor-arg>
</bean>
<security:http pattern="/rest/**" create-session="never"
    entry-point-ref="clientAuthenticationEntryPoint"
    access-decision-manager-ref="accessDecisionManager" use-expressions="false">
    <security:anonymous enabled="false" />
    <security:intercept-url pattern="/rest/**"
        access="ROLE_DRIVER" />
    <security:custom-filter ref="mobileResourceServer"
        before="PRE_AUTH_FILTER" />
    <security:access-denied-handler ref="accessDeniedHandler" />
</security:http>

我不知道为什么会出错,请帮助我,谢谢。

您必须为客户端身份验证提供一个名为“client\u secret”的查询参数