![](/img/trans.png)
[英]Java Spring Security: 401 Unauthorized for token OAuth2 end point
[英]Spring oauth security wrong username or password 401 Unauthorized
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter
{
@Override protected void configure(HttpSecurity http) throws Exception
{
http.formLogin();
http.authorizeRequests().anyRequest().authenticated();
}
@Bean
public UserDetailsService userDetailsService()
{
UserDetailsManager userDetailsManager = new InMemoryUserDetailsManager();
UserDetails user = User.withUsername("emoleumassi")
.password("today").authorities("write")
.build();
userDetailsManager.createUser(user);
return userDetailsManager;
}
@Bean
public PasswordEncoder passwordEncoder()
{
return NoOpPasswordEncoder.getInstance();
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception
{
return super.authenticationManagerBean();
}
}
授权服务器
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter
{
@Autowired private AuthenticationManager authenticationManager;
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception
{
clients.inMemory().withClient("client").secret("secret").scopes("write").authorizedGrantTypes("password");
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception
{
endpoints.authenticationManager(authenticationManager);
}
}
我的依赖:
SPRING_BOOT_VERSION = "2.6.6"
implementation "org.springframework.boot:spring-boot-starter-web:${SPRING_BOOT_VERSION}"
implementation 'org.springframework.boot:spring-boot-starter-security:2.6.6'
implementation 'org.springframework.security.oauth:spring-security-oauth2:2.5.1.RELEASE'
我收到401 Unauthorized
您需要允许 oauth URL。 我认为:
@Override protected void configure(HttpSecurity http) throws Exception
{
http.formLogin();
http.authorizeRequests().anyRequest().authenticated();
http. oauth2Login() // <-- this here
}
应该这样做。 否则
.antMatchers("/oauth/**).permitAll()
可能是替代方案。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.