我在使用@EnableOAuth2Client
从官方spring文档到手动配置OAuth2客户端的this教程。由于某种原因,它不起作用。当我运行该应用并访问http://localhost:8080/login
时,我看到的是基本表单登录,而不是Google登录选项。 (我需要使这个手动配置工作,因为我的用例。)使用@ EnableOAuth2Client不起作用来手动配置OAuth2客户端
但是,@EnableOauth2Sso
代码工作正常,我不使用OAuth2AuthenticationProcessingFilters
做任何手动配置。在这种情况下,我在访问我的登录页面时获得了谷歌登录选项。有人可以帮帮我吗。我已经添加下面的代码:
这是@EnableOAuth2Sso
,它完美的作品
@Configuration
@EnableWebSecurity
@EnableOAuth2Sso
@PropertySource({ "classpath:/oauth2.properties" })
@EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
OAuth2ClientContext oauth2ClientContext;
@Value("${security.oauth2.resource.userInfoUri}")
String userInfoUri;
@Value("${security.oauth2.client.clientId}")
String clientId;
@Bean
public RequestContextListener requestContextListener() {
return new RequestContextListener();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
// http.antMatcher("/**").addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
}
}
这是@EnableOAuth2Client
,它不工作,我得到的形式,而不是登录
@Configuration
@EnableWebSecurity
@EnableOAuth2Client
@PropertySource({ "classpath:/oauth2.properties" })
@EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
OAuth2ClientContext oauth2ClientContext;
@Value("${security.oauth2.resource.userInfoUri}")
String userInfoUri;
@Value("${security.oauth2.client.clientId}")
String clientId;
@Bean
public RequestContextListener requestContextListener() {
return new RequestContextListener();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http.antMatcher("/**").addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
}
private Filter ssoFilter() {
OAuth2ClientAuthenticationProcessingFilter googleFilter = new OAuth2ClientAuthenticationProcessingFilter("/login");
OAuth2RestTemplate googleTemplate = new OAuth2RestTemplate(google(), oauth2ClientContext);
googleFilter.setRestTemplate(googleTemplate);
googleFilter.setTokenServices(new UserInfoTokenServices(googleResource().getUserInfoUri(), google().getClientId()));
return googleFilter;
}
@Bean
@ConfigurationProperties("security.oauth2.client")
public AuthorizationCodeResourceDetails google() {
return new AuthorizationCodeResourceDetails();
}
@Bean
@ConfigurationProperties("security.oauth2.resource")
public ResourceServerProperties googleResource() {
return new ResourceServerProperties();
}
@Bean
public FilterRegistrationBean oauth2ClientFilterRegistration(
OAuth2ClientContextFilter filter) {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(filter);
registration.setOrder(-100);
return registration;
}
}
我要说调用['super.configure(HTTP )'](https://github.com/spring-projects/spring-security/blob/master/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java# L345)可能是问题,从javadoc:“通常子类不应该通过调用超级调用此方法,因为它可能会覆盖它们的配置。” – 2017-01-02 06:36:48
T帽子正是这个问题。非常感谢@RC。帮助和确定问题。这节省了很多时间。我希望你增加这个答案,以便我可以奖励赏金,未来的用户也可能从中受益。万分感谢。 :) – varunkr