Security - Spring OAuth2 token "Handling error"
I currently use Spring MVC with OAuth2 to secure a web application.
I tried: curl -X POST "http://localhost:8080/project/oauth/token?client_id=the_client&grant_type=password&username=user&password=password&response_type=token"
I got this reply: {"error":"unauthorized","error_description":"There is no client authentication. Try adding an appropriate authentication filter."}
I then checked the code of TokenEndpoint.java, which shows that the principal is null.
The exception is: Handling error: InsufficientAuthenticationException, There is no client authentication. Try adding an appropriate authentication filter.
Here is my spring-security.xml:
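<?xml version="1.0" encoding="UTF-8"?>
<!--
  Spring Security OAuth2 configuration: one authorization server (token endpoint at
  /oauth/token) and one resource server protecting /rest/**.

  NOTE(review): the page this listing comes from lower-cased every identifier.
  Framework names (classes, bean properties, namespace URIs, filter positions) are
  restored here to their case-sensitive spelling. Bean ids stay as shown, since they
  only need to match their own references. Project-specific values (the classes under
  oauth2.* and services.*, the "datasource" bean, the role name) are left exactly as
  the page shows them, so confirm their real casing against the project.
-->
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:oauth2="http://www.springframework.org/schema/security/oauth2"
       xmlns:mvc="http://www.springframework.org/schema/mvc"
       xmlns:security="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
                           http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
                           http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
                           http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2.xsd">

    <!-- Tokens are held in memory only: they are lost on restart and not shared between nodes. -->
    <bean id="tokenstore" class="org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore" />

    <bean id="tokenservices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
        <property name="tokenStore" ref="tokenstore" />
        <property name="supportRefreshToken" value="true" />
    </bean>

    <bean id="clientauthenticationentrypoint"
          class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint" />
    <bean id="accessdeniedhandler"
          class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
    <bean id="userapprovalhandler"
          class="org.springframework.security.oauth2.provider.approval.DefaultUserApprovalHandler" />

    <!-- client -->
    <!-- Project class; the "datasource" bean it receives is defined outside this file. -->
    <bean id="clientdetailsservice" class="oauth2.customjdbcclientdetailsservice">
        <constructor-arg index="0" ref="datasource" />
    </bean>

    <!-- Adapts registered OAuth2 clients to UserDetails so a client can be authenticated like a user. -->
    <bean id="clientdetailsuserdetailsservice"
          class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
        <constructor-arg ref="clientdetailsservice" />
    </bean>

    <!-- Authenticates the client from the client_id / client_secret request parameters. -->
    <bean id="clientcredentialstokenendpointfilter"
          class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
        <property name="authenticationManager" ref="clientauthenticationmanager" />
    </bean>

    <security:authentication-manager id="clientauthenticationmanager">
        <security:authentication-provider user-service-ref="clientdetailsuserdetailsservice" />
    </security:authentication-manager>

    <!--
      All five grant types are switched on. Keep only the ones the registered clients
      actually use; the implicit and password grants in particular are discouraged by
      current OAuth 2.0 security guidance.
    -->
    <oauth2:authorization-server client-details-service-ref="clientdetailsservice"
                                 token-services-ref="tokenservices"
                                 user-approval-handler-ref="userapprovalhandler">
        <oauth2:authorization-code />
        <oauth2:implicit />
        <oauth2:refresh-token />
        <oauth2:client-credentials />
        <oauth2:password />
    </oauth2:authorization-server>

    <!--
      Token endpoint. Two additions compared with the listing as posted:
        * authentication-manager-ref ties HTTP Basic on this chain to the client
          authentication manager instead of the user one;
        * the intercept-url rule makes the chain reject a request whose client was not
          authenticated, instead of letting it reach TokenEndpoint with a null
          principal (the InsufficientAuthenticationException reported on this page).
      The request shown on the page sends client_id without a client secret and without
      a Basic header, so there is nothing for the client to be authenticated with;
      whether that alone explains the reported error depends on web.xml and the stored
      client record, which are not shown here. It also puts username and password in
      the URL query string over plain http, where they end up in access logs: send
      them in the POST body over TLS.
    -->
    <security:http pattern="/oauth/token"
                   create-session="stateless"
                   authentication-manager-ref="clientauthenticationmanager"
                   use-expressions="false">
        <security:intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
        <security:anonymous enabled="false" />
        <security:http-basic entry-point-ref="clientauthenticationentrypoint" />
        <security:custom-filter ref="clientcredentialstokenendpointfilter" before="BASIC_AUTH_FILTER" />
        <security:access-denied-handler ref="accessdeniedhandler" />
    </security:http>
    <!-- client -->

    <!-- user -->
    <bean id="userservice" class="services.userservicesimpl" />

    <security:authentication-manager alias="authenticationmanager">
        <security:authentication-provider user-service-ref="userservice">
            <!--
              NOTE(review): no password encoder is active, so user passwords are
              presumably stored and compared unhashed; confirm against the user store.
              Do not re-enable the md5 line below: use an adaptive hash (for example
              hash="bcrypt" where the Spring Security version in use accepts it) and
              migrate the stored passwords with it.
            -->
            <!--<security:password-encoder hash="md5"/> -->
        </security:authentication-provider>
    </security:authentication-manager>
    <!-- user -->

    <oauth2:resource-server id="mobileresourceserver"
                            resource-id="mobile-resource"
                            token-services-ref="tokenservices" />

    <!-- UnanimousBased: access is denied as soon as any one voter denies. -->
    <bean id="accessdecisionmanager" class="org.springframework.security.access.vote.UnanimousBased">
        <constructor-arg>
            <list>
                <bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
                <bean class="org.springframework.security.access.vote.RoleVoter" />
                <bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
            </list>
        </constructor-arg>
    </bean>

    <!-- Protected API: every /rest/** request must carry a valid access token. -->
    <security:http pattern="/rest/**"
                   create-session="never"
                   entry-point-ref="clientauthenticationentrypoint"
                   access-decision-manager-ref="accessdecisionmanager"
                   use-expressions="false">
        <security:anonymous enabled="false" />
        <!--
          NOTE(review): the role is shown lower-cased on the page. RoleVoter only votes
          on attributes that start with its prefix (ROLE_ by default) and abstains on
          anything else, so confirm the real spelling, presumably ROLE_DRIVER.
        -->
        <security:intercept-url pattern="/rest/**" access="role_driver" />
        <security:custom-filter ref="mobileresourceserver" before="PRE_AUTH_FILTER" />
        <security:access-denied-handler ref="accessdeniedhandler" />
    </security:http>

</beans>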
I don't know what is wrong. Please help me, thanks.