spring security oauth2返回404
试图实现OAuth2,在web上的各种资源之后遇到了一些问题,但找不到任何解决方案。问题是,当我访问/token端点时,我会得到一个404。这是我的配置: web.xml-Dispatcher servlet映射到/services/api/*并且我的安全配置security.xml由ContextLoaderListener加载 security.xml中的OAuth2映射:spring security oauth2返回404,spring,spring-security-oauth2,Spring,Spring Security Oauth2,试图实现OAuth2,在web上的各种资源之后遇到了一些问题,但找不到任何解决方案。问题是,当我访问/token端点时,我会得到一个404。这是我的配置: web.xml-Dispatcher servlet映射到/services/api/*并且我的安全配置security.xml由ContextLoaderListener加载 security.xml中的OAuth2映射: <!-- OAUTH2 Configuration --> <!-- Token requ
<!-- OAUTH2 Configuration -->
<!-- Token request Endpoint configuration -->
<http pattern="/services/api/oauth2/token" use-expressions="true" create-session="stateless" authentication-manager-ref="OAuth2ClientAuthenticationManager">
<intercept-url pattern="/services/api/oauth2/token" access="hasAnyRole('ADMIN','USER')"/>
<anonymous enabled="false"/>
<http-basic entry-point-ref="OAuth2TokenEntryPoint"/>
<custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER"/> <!-- processes client credentials params on the request -->
<access-denied-handler ref="OAuth2AccessDeniedHandler"/>
</http>
<!-- Resource endpoints protected by Oauth2 -->
<http pattern="/services/api/oauth2/**" create-session="never" entry-point-ref="OAuth2EntryPoint" access-decision-manager-ref="OAuth2AccessDecisionManager">
<anonymous enabled="false"/>
<intercept-url pattern="/services/api/oauth2/**" access="hasAnyRole('ADMIN','USER')"/>
<custom-filter ref="OAuth2ResourceServer" before="PRE_AUTH_FILTER"/>
<access-denied-handler ref="OAuth2AccessDeniedHandler"/>
</http>
<!-- Authentication entrypoint for calls to obtain access tokens -->
<b:bean id="OAuth2TokenEntryPoint" class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
<b:property name="realmName" value="oauth/oauthClient"/>
<b:property name="typeName" value="Basic"/>
</b:bean>
<!-- Authentication entrypoint for calls to access Oauth2 protected resources -->
<b:bean id="OAuth2EntryPoint" class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
<b:property name="realmName" value="oauth"/>
</b:bean>
<b:bean id="OAuth2AccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
<b:bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
<b:property name="authenticationManager" ref="OAuth2ClientAuthenticationManager" />
</b:bean>
<b:bean id="OAuth2AccessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
<b:constructor-arg>
<b:list>
<b:bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
<b:bean class="org.springframework.security.access.vote.RoleVoter" />
<b:bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
<b:bean class="org.springframework.security.web.access.expression.WebExpressionVoter"/>
</b:list>
</b:constructor-arg>
</b:bean>
<!-- Authentication Manager for OAuth2 clients -->
<authentication-manager id="OAuth2ClientAuthenticationManager">
<authentication-provider user-service-ref="OAuth2ClientDetailsUserService" />
</authentication-manager>
<b:bean id="OAuth2ClientDetailsUserService" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
<b:constructor-arg ref="OAuth2ClientDetails" />
</b:bean>
<!-- Configure Oauth2 Token storage and services -->
<b:bean id="OAuth2TokenStore" class="org.springframework.security.oauth2.provider.token.store.JdbcTokenStore">
<b:constructor-arg ref="pvDataSource" />
</b:bean>
<b:bean id="OAuth2TokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
<b:property name="tokenStore" ref="OAuth2TokenStore" />
<b:property name="supportRefreshToken" value="true" />
<b:property name="accessTokenValiditySeconds" value="120"/>
<b:property name="clientDetailsService" ref="OAuth2ClientDetails" />
</b:bean>
<b:bean id="OAuth2RequestFactory" class="org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory">
<b:constructor-arg name="clientDetailsService" ref="OAuth2ClientDetails" />
</b:bean>
<b:bean id="OAuth2UserApprovalHandler" class="org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler">
<b:property name="tokenStore" ref="OAuth2TokenStore"/>
<b:property name="requestFactory" ref="OAuth2RequestFactory" />
</b:bean>
<oauth:authorization-server client-details-service-ref="OAuth2ClientDetails" token-services-ref="OAuth2TokenServices">
<oauth:authorization-code />
<oauth:implicit/>
<oauth:refresh-token/>
<oauth:client-credentials />
<oauth:password/>
</oauth:authorization-server>
<oauth:resource-server id="OAuth2ResourceServer" resource-id="oauth" token-services-ref="OAuth2TokenServices" />
<!-- Configuration of OAuth2 clients -->
<oauth:client-details-service id="OAuth2ClientDetails">
<oauth:client client-id="client1" authorized-grant-types="password,authorization_code,refresh_token,implicit,client_credentials" authorities="ROLE_ADMIN,ROLE_USER" scope="read,write,trust" secret="secret"/>
</oauth:client-details-service>
我做错了什么?非常感谢您的帮助。我通过在根目录上创建一个新的调度程序(因为我没有),并将授权服务器的端点设置为使用默认的“/oauth/token”,解决了这个问题 现在,在数据库中生成令牌,但是我得到一个空的Json块,而不是令牌。在TokenEndpoint.postAccessToken()中,我可以看到端点正确地生成ResponseEntity,但响应为空{},不确定原因 以下是日志:
10:50:52.837[tomcat http--3]调试o.s.jdbc.core.JdbcTemplate-执行准备好的SQL语句[插入oauth刷新令牌(令牌id、令牌、身份验证)值(?,?)]
10:50:52.837[tomcat http--3]调试o.s.jdbc.datasource.DataSourceUtils-从datasource获取jdbc连接
10:50:52.837[tomcat http--3]调试o.s.j.d.DriverManager数据源-创建到[JDBC:oracle:thin:@localhost:1521:pvdev1]的新JDBC DriverManager连接
10:50:52.865[tomcat http--3]调试o.s.j.support.lob.DefaultLobHandler-为长度为322的BLOB设置字节
10:50:52.865[tomcat http--3]调试o.s.j.support.lob.DefaultLobHandler-为长度为1623的BLOB设置字节
10:50:52.872[tomcat http--3]调试o.s.jdbc.core.JdbcTemplate-SQL更新影响1行
10:50:52.872[tomcat http--3]调试o.s.jdbc.datasource.DataSourceUtils-将jdbc连接返回到datasource
10:50:52.898[tomcat http--3]调试o.s.w.s.m.m.a.HttpEntityMethodProcessor-使用[org.springframework.http.converter.json]将[0244ec49-3bbd-43d9-8b3e-00c746114fa7]编写为“应用程序/json”。GsonHttpMessageConverter@7c0eb476]
10:50:52.899[tomcat http--3]调试o.s.web.servlet.DispatcherServlet-返回给名为“root”的DispatcherServlet的Null ModelAndView:假设HandlerAdapter完成了请求处理
10:50:52.899[tomcat http--3]调试o.s.web.servlet.DispatcherServlet-已成功完成请求
10:50:52.900[tomcat http--3]调试o.s.s.w.a.ExceptionTranslationFilter-链正常处理需要注意的一点是,有一些属性token endpoint url和authorization server url可以添加到授权服务器定义中,但TokenEndpoint映射将其附加到请求中,从而导致端点映射被复制。我想我对这里发生的事情有预感:查看TokenEndpoint.java看起来映射不在DispatcherServlet配置的上下文中。我尝试将这一行添加到我的配置中:
“原因是:java.lang.IllegalStateException:必须提供TokenGranter16:28:39.853 [tomcat-http--3] DEBUG o.s.s.w.a.w.BasicAuthenticationFilter - Basic Authentication Authorization header found for user 'client1'
16:28:39.855 [tomcat-http--3] DEBUG o.s.s.authentication.ProviderManager - Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
16:28:39.861 [tomcat-http--3] DEBUG o.s.s.w.a.w.BasicAuthenticationFilter - Authentication success: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@c80a02b4: Principal: org.springframework.security.core.userdetails.User@334b85c6: Username: client1; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_ADMIN,ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ADMIN, ROLE_USER
16:28:39.861 [tomcat-http--3] DEBUG o.s.security.web.FilterChainProxy - /services/api/oauth2/token?grant_type=client_credentials at position 7 of 9 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
16:28:39.863 [tomcat-http--3] DEBUG o.s.security.web.FilterChainProxy - /services/api/oauth2/token?grant_type=client_credentials at position 8 of 9 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
16:28:39.863 [tomcat-http--3] DEBUG o.s.security.web.FilterChainProxy - /services/api/oauth2/token?grant_type=client_credentials at position 9 of 9 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
Checking match of request : '/services/api/oauth2/token'; against '/services/api/oauth2/token'
16:28:39.863 [tomcat-http--3] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /services/api/oauth2/token?grant_type=client_credentials; Attributes: [hasAnyRole('ADMIN','USER')]
16:28:39.863 [tomcat-http--3] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@c80a02b4: Principal: org.springframework.security.core.userdetails.User@334b85c6: Username: client1; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_ADMIN,ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ADMIN, ROLE_USER
16:28:39.871 [tomcat-http--3] DEBUG o.s.s.access.vote.AffirmativeBased - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@2105b1f8, returned: 1
16:28:39.871 [tomcat-http--3] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Authorization successful
16:28:39.871 [tomcat-http--3] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - RunAsManager did not change Authentication object
16:28:39.871 [tomcat-http--3] DEBUG o.s.security.web.FilterChainProxy - /services/api/oauth2/token?grant_type=client_credentials reached end of additional filter chain; proceeding with original chain
16:28:39.876 [tomcat-http--3] DEBUG o.s.web.servlet.DispatcherServlet - DispatcherServlet with name 'webservices' processing GET request for [/springsec/services/api/oauth2/token]
16:28:39.880 [tomcat-http--3] DEBUG o.s.w.s.m.m.a.RequestMappingHandlerMapping - Looking up handler method for path /oauth2/token
16:28:39.886 [tomcat-http--3] DEBUG o.s.w.s.m.m.a.RequestMappingHandlerMapping - Did not find handler method for [/oauth2/token]
16:28:39.886 [tomcat-http--3] DEBUG o.s.s.o.p.e.FrameworkEndpointHandlerMapping - Looking up handler method for path /oauth2/token
16:28:39.887 [tomcat-http--3] DEBUG o.s.s.o.p.e.FrameworkEndpointHandlerMapping - Did not find handler method for [/oauth2/token]
16:28:39.887 [tomcat-http--3] WARN o.s.web.servlet.PageNotFound - No mapping found for HTTP request with URI [/springsec/services/api/oauth2/token] in DispatcherServlet with name 'webservices'
16:28:39.887 [tomcat-http--3] DEBUG o.s.web.servlet.DispatcherServlet - Successfully completed request
16:28:39.888 [tomcat-http--3] DEBUG o.s.s.w.a.ExceptionTranslationFilter - Chain processed normally
16:28:39.888 [tomcat-http--3] DEBUG o.s.s.w.c.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed