ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
context.addFilter(GzipFilter.class, "/*", EnumSet.allOf(DispatcherType.class));
context.addFilter(new FilterHolder( new DelegatingFilterProxy( DEFAULT_FILTER_NAME ) ), "/*",EnumSet.allOf( DispatcherType.class ));
AnnotationConfigWebApplicationContext securityContext = new AnnotationConfigWebApplicationContext();
securityContext.setConfigLocation("com.test.auth");
DispatcherServlet dispatcherServlet = new DispatcherServlet(securityContext);
context.addServlet(new ServletHolder(dispatcherServlet), "/");
context.addServlet(new ServletHolder(new ServletContainer(createResourceConfig(AuthController.class))), "/auth/*");
Oauth2,如下所示:
@Order(4)
@EnableOAuth2Client
@EnableWebSecurity
@Configuration
public class Oauth2Config extends WebSecurityConfigurerAdapter {
@Bean
@Order(0)
public RequestContextListener requestContextListener() {
return new RequestContextListener();
}
@Autowired
private OAuth2ClientContext oauth2ClientContext;
@Autowired
private OAuth2ClientContextFilter oauth2ClientContextFilter;
@Autowired
private AuthConfig authConfig;
private OAuth2ProtectedResourceDetails authorizationCodeResource() {
AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
details.setId("google-oauth-client");
details.setClientId(authConfig.getProperty("oauth2.clientId"));
details.setClientSecret(authConfig.getProperty("oauth2.clientSecret"));
details.setUserAuthorizationUri(authConfig.getProperty("oauth2.userAuthorizationUri"));
details.setAccessTokenUri(authConfig.getProperty("oauth2.accessTokenUri"));
details.setTokenName(authConfig.getProperty("oauth2.tokenName"));
details.setScope(Arrays.asList(authConfig.getPropertyList("oauth2.scope")));
details.setAuthenticationScheme(AuthenticationScheme.query);
details.setClientAuthenticationScheme(AuthenticationScheme.form);
return details;
}
@Bean
public OAuth2ClientAuthenticationProcessingFilter
oauth2ClientAuthenticationProcessingFilter() {
// Used to obtain access token from authorization server (AS)
OAuth2RestOperations restTemplate = new OAuth2RestTemplate(
authorizationCodeResource(),
oauth2ClientContext);
OAuth2ClientAuthenticationProcessingFilter filter =
new OAuth2ClientAuthenticationProcessingFilter(authConfig.getProperty("oauth2.filterCallbackPath"));
filter.setRestTemplate(restTemplate);
// Set a service that validates an OAuth2 access token
// We can use either Google API's UserInfo or TokenInfo
// For this, we chose to use UserInfo service
filter.setTokenServices(googleUserInfoTokenServices());
return filter;
}
@Bean
public GoogleUserInfoTokenServices googleUserInfoTokenServices() {
GoogleUserInfoTokenServices userInfoTokenServices =
new GoogleUserInfoTokenServices(authConfig.getProperty("oauth2.userInfoUri"), authConfig.getProperty("oauth2.clientId"));
// TODO Configure bean to use local database to read authorities
// userInfoTokenServices.setAuthoritiesExtractor(authoritiesExtractor);
return userInfoTokenServices;
}
@Bean
public AuthenticationEntryPoint authenticationEntryPoint() {
// May need an OAuth2AuthenticationEntryPoint for non-browser clients
return new LoginUrlAuthenticationEntryPoint(authConfig.getProperty("oauth2.filterCallbackPath"));
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers(
"/", "/static/**", "/webjars/**");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.exceptionHandling()
.authenticationEntryPoint(authenticationEntryPoint());
http
.antMatcher("/auth/oauth/**")
.authorizeRequests()
.anyRequest().authenticated()
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/")
.and()
.addFilterAfter(
oauth2ClientContextFilter,
ExceptionTranslationFilter.class)
.addFilterBefore(
oauth2ClientAuthenticationProcessingFilter(),
FilterSecurityInterceptor.class)
.anonymous()
.disable();
}
@Override
protected AuthenticationManager authenticationManager() throws Exception {
return new NoopAuthenticationManager();
}
}
private static class NoopAuthenticationManager implements AuthenticationManager {
@Override
public Authentication authenticate(Authentication authentication)
throws AuthenticationException {
throw new UnsupportedOperationException(
"No authentication should be done with this AuthenticationManager");
}
}
@Bean
public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer() {
return new PropertySourcesPlaceholderConfigurer();
}
在访问回调urlapi/auth/oauth/callback
时,我得到以下异常:
org.springframework.beans.factory.BeanCreationException:创建名为“ScopedTarget.oauth2ClientContext”的bean时出错:当前线程的作用域“session”不活动;如果您打算从单个对象引用这个bean,请考虑为它定义一个限定作用域的代理
完全异常跟踪:
我解决了问题。在这个Springboot
的时代,正在使用稍旧系统的人可能会发现答案很有用,所以可以分享它。
在jetty配置中需要添加RequestContextListener
,如下所示:
context.addEventListener(new RequestContextListener());
我将其添加到安全配置文件中,如下所示:
@Bean
@Order(0)
public RequestContextListener requestContextListener() {
return new RequestContextListener();
}
我创建了一个Spring App,我使用hibernate进行逆向工程,从MySQL Db生成java类。之后,我想使用这个类来实现存储库,但我有这个问题: 组织。springframework。豆。工厂BeanCreationException:创建名为“entityManagerFactory”的bean时出错,该bean在类路径资源[org/springframework/boot/auto
我试图在我的应用程序中使用JPA,但当我添加JPA并启动应用程序时,我遇到了这个错误。我在stackoverflow和其他网站上看到了与相同错误相关的问题,建议了许多答案,但没有运气解决这个错误。。我不明白我哪里做错了。 POM。XML 实体类 存储库类 控制器类 我得到的错误是 我试过了 创建在类路径资源中定义的名为“entityManagerFactory”的bean时出错:调用init方法失
http://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/
我有一个实体类InAppNotification。看起来像这样的java: 我使用JPA来处理数据库查询,这就是JPA接口的定义: 这是我application.properties的样子: 但是,当我试图在构建后通过运行 来打包应用程序时,我会遇到以下问题: 尝试调用不存在的方法。尝试从以下位置进行:javax.el.ELManager.getExpress sionWorks(ELManage
在将project从Spring Boot版本从1.2.3.release迁移到1.3.0.release之后,我已经开始得到以下异常。 创建类路径资源[org/springframework/boot/autoconfigure/admin/springapplicationadminjmxautoconfiguration.class]中定义的名为'Spring ApplicationAdmi