Unable to access resources with access_token : spring boot Oauth2

后端未结

关注

 5  1157

南方客 2020-12-19 04:00

I am trying to implement Oauth2 in my existing application.Initially I have added spring security and then tried to add oauth2, After adding configuration I am able to gener

5条回答

感情败类 (楼主)

2020-12-19 04:47

Please change the code like below in ResourceServer:

Have a look at this line:

http.anonymous().disable()
                .requestMatchers().antMatchers("/patients/**","/patient/**")

Since "/patient/"**, is not added as part of request matcher, the request is actually was handled by other configuration

package project.configuration;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;


@Configuration
@EnableResourceServer
public class ResourceServer extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.anonymous().disable()
                .requestMatchers().antMatchers("/patients/**","/patient/**").and().
                authorizeRequests().antMatchers("*/patient/**").hasRole("USER")
                .and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
    }

}

0 讨论(0)

查看其它5个回答