spring-security

问题 Im currently working on integration of my app with company ldap. While i was able to make application actually check users on ldap for authentication, users are not able to overcome spring security ROLES configuration. Im getting: "Denied Sorry, you're not authorized to view this page." Every time i try to enter page that has @Secured(['ROLE_USER']) on it. I would like to know how to add every user on LDAP to have ROLE_USER so he will be able to fully use application. My ldap configuration is

问题 I am using spring-security-5 , spring-boot 2.0.5 and oauth2 . I have checked and test by online reference. Like : Spring Security and OAuth2 to protect REST API endpoints Spring Boot 2 Applications and OAuth 2 Everything is fine in my project. When I request this URL , http://localhost:8080/api/oauth/token , I get response as And I restart the server(Tomcat) , I request that URL again, I get response as So my question is, how the client-app can get access_token again after Tomcat or spring

问题 I have a situation: Step 1: Obtained access token (grant_type=password) (A1) and also a refresh token.(RT1) Step 2: Accessed resource (R) using the token (A1) - Success Step 3:Revoked user access role for Resource R. Step 4: Obtained access token (grant_type=password) (A2) and also a refresh token.(RT2) Step 5: Accessed resource (R) using the token (A2) - Failed till here all fine.now comes the unexpected part. Step 6: Obtained new access token (grant_type=refresh_token) using RT2.

问题 I am trying to set up method level security via annotations for my Jersey managed REST webservice. I added a @PreAuthorize("hasRole('USER')") annotation to my web service interface where I define the endpoints. I have added a security configuration class, and a security initializer class to no avail. Username and password has been redacted. @Configuration @EnableGlobalMethodSecurity(prePostEnabled = true, proxyTargetClass = true) @EnableWebSecurity public class SecurityConfiguration extends

问题 I'm attempting to implement OpenId Connect sign-on in a Spring Boot 1.3.0 application with Spring Security 3.2.5 on Spring Framework 4.2.3. The implementation is very similar to this question: Protecting REST API with OAuth2: Error creating bean with name 'scopedTarget.oauth2ClientContext': Scope 'session' is not active, except that I've implemented the suggested bean for the RequestContextFilter . @Configuration @EnableOAuth2Client public class OpenIdConnectConfig { @Value("${oidc.clientId}"

问题 I have implemented 2 distinct servers: auth server and a resource server using Spring Boot 2.1.6.RELEASE and spring-cloud-starter-oauth2 version Greenwich.RELEASE I am able to successfully get an access_token from auth server, use it to access protected api on resource server. However I am not able to get user_name in the response returned by auth server's /oauth/check_token endpoint I can confirm that user_name is present in user table. curl http://localhost:5000/oauth/check_token?token

问题 I use such code for authentication: @PreAuthorize("isAnonymous()") @RequestMapping(value = "/login", method = RequestMethod.POST) public String doLogin(HttpServletRequest request) { try { Authentication req = new UsernamePasswordAuthenticationToken(request.getParameter("name"), request.getParameter("password")); Authentication result = authenticationManager.authenticate(req); SecurityContextHolder.getContext().setAuthentication(result); logger.debug("Success login"); logger.debug

问题 I've set basic spring authentication. When user comes to page and enters secured URL, login form is rendered, but I want to show error 403 page (or any other page i choose). If I understand correctly I can't use access-denied-handler because user is not authenticated at all. How do I show any other page than login form page to non-authenticated user, when he accesses secured URL? 回答1: When you are using form-login the default AuthenticationEntryPoint redirects to the login page. You can

问题 While creating a Zipkin Server with Spring Boot(v2), I am facing Whitelabel Error Page. " Whitelabel Error Page This application has no explicit mapping for /error, so you are seeing this as a fallback. Wed Oct 30 11:21:35 IST 2019 There was an unexpected error (type=Not Found, status=404). No message available " And also while i run the application in spring boot, i get: " Cannot find template location: classpath:/templates/ (please add some templates or check your Thymeleaf configuration) "

问题 I am trying to send json data from angularjs service to controller in spring. But getting error: angular.js:10661 POST http://localhost:8080/shoping/product/add 500 (Internal Server Error) product_service.js:35 Error while adding product product_controller.js:30 {productId: null, productName: "sdfv", productPrice: 43, description: "sfdv", imageUrl: "csd"} This is my function in service in angularJs function addProduct(product){ var deferred = $q.defer(); $http.post(REST_SERVICE_URI+"add",