[英]Spring oauth security wrong username or password 401 Unauthorized
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter
{
@Override protected void configure(HttpSecurity http) throws Exception
{
http.formLogin();
http.authorizeRequests().anyRequest().authenticated();
}
@Bean
public UserDetailsService userDetailsService()
{
UserDetailsManager userDetailsManager = new InMemoryUserDetailsManager();
UserDetails user = User.withUsername("emoleumassi")
.password("today").authorities("write")
.build();
userDetailsManager.createUser(user);
return userDetailsManager;
}
@Bean
public PasswordEncoder passwordEncoder()
{
return NoOpPasswordEncoder.getInstance();
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception
{
return super.authenticationManagerBean();
}
}
授权服务器
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter
{
@Autowired private AuthenticationManager authenticationManager;
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception
{
clients.inMemory().withClient("client").secret("secret").scopes("write").authorizedGrantTypes("password");
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception
{
endpoints.authenticationManager(authenticationManager);
}
}
我的依赖:
SPRING_BOOT_VERSION = "2.6.6"
implementation "org.springframework.boot:spring-boot-starter-web:${SPRING_BOOT_VERSION}"
implementation 'org.springframework.boot:spring-boot-starter-security:2.6.6'
implementation 'org.springframework.security.oauth:spring-security-oauth2:2.5.1.RELEASE'
我收到401 Unauthorized
您需要允许 oauth URL。 我认为:
@Override protected void configure(HttpSecurity http) throws Exception
{
http.formLogin();
http.authorizeRequests().anyRequest().authenticated();
http. oauth2Login() // <-- this here
}
应该这样做。 否则
.antMatchers("/oauth/**).permitAll()
可能是替代方案。
Java Spring Security:401 令牌 OAuth2 端点未经授权
[英]Java Spring Security: 401 Unauthorized for token OAuth2 end point
在Spring Security Oauth2的标题中发送用户名和密码
[英]Sending username and password in headers in Spring Security Oauth2
尝试在 Spring Security oauth 2 中获取访问令牌之前出现 401 未经授权的错误
[英]401 unauthorized error before trying to get access token in spring security oauth 2
Spring Security - 区分错误的用户名/密码组合和未授权用户
[英]Spring Security - Differentiate between wrong username/password combination and unauthorised users
Spring Security 401(Unauthorized) 使用 UserDetailsService, jpa
[英]Spring Security 401(Unauthorized) using UserDetailsService, jpa
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.