问题
i have a problem with my spring web-app. I want to access the google (calendar) api with the webapp and thus i have to authenticate myself to the api and grant access to the calendar.
But the actual problem is that i got the error org.springframework.security.oauth2.client.resource.UserRedirectRequiredException: A redirect is required to get the users approval
web.xml
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/root-context.xml, /WEB-INF/spring-security.xml</param-value>
</context-param>
<servlet>
<servlet-name>appServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/appServlet/servlet-context.xml, /WEB-INF/spring-security.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>appServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
spring-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.1.xsd
http://www.springframework.org/schema/security/oauth2
http://www.springframework.org/schema/security/spring-security-oauth2-1.0.xsd">
<oauth:client id="oauth2AuthenticationClientFilter" />
<oauth:resource id="oauth-resource"
client-authentication-scheme="form" type="authorization_code"
access-token-uri="https://accounts.google.com/o/oauth2/token"
user-authorization-uri="https://accounts.google.com/o/oauth2/auth"
client-id="CLIENT-ID"
client-secret="CLIENT-SECRET" scope="https://www.googleapis.com/auth/calendar"
pre-established-redirect-uri="http://localhost:8080/" />
<oauth:rest-template id="oauth-rest-template"
resource="oauth-resource" />
</beans:beans>
Controller
@Autowired
@Qualifier("oauth-rest-template")
private OAuth2RestTemplate oauth2RestTemplate;
/**
* Simply selects the home view to render by returning its name.
* @throws Exception
*/
@RequestMapping(value = "/test", method = RequestMethod.GET)
public String home(Locale locale, Model model) throws Exception {
String dataUri = "https://www.googleapis.com/calendar/v3/calendars/sebastian.heckmann%40googlemail.com";
Calendar result = oauth2RestTemplate.getForObject(dataUri, Calendar.class);
// ...
return "home";
}
If you need more code, please let me know. I am new to Spring (Security)
回答1:
I believe you are using Spring Security and must have defined DelegatingFilterProxy filter in your web.xml.
Your code snippet doesn't descrive the security configuration, you need to do following to get it working:-
Inside your < sec:http> tag, define the custom filter:-
< security:custom-filter ref="oauth2AuthenticationClientFilter" after="EXCEPTION_TRANSLATION_FILTER" />
Add listner to web.xml
org.springframework.web.context.request.RequestContextListener
来源:https://stackoverflow.com/questions/20376400/springframework-a-redirect-is-required-to-get-the-users-approval