为什么我Oauth2.0 的login接口访问不到?原来是我多加了一个注解@EnableResourceServer
问题:我想使用Oauth2.0 的login接口登录,但始终是401
重现步骤:
WebSecurityConfig的配置
package com.xiannanshan.user.config; import com.xiannanshan.user.config.user.UserDetailsServiceImpl; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; /** * @author Yangqi.Pang */ @Configuration @EnableWebSecurity() public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private UserDetailsServiceImpl userDetailsService; /** * 配置认证管理器 * * @return * @throws Exception */ @Bean @Override public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); } /** * 配置密码加密对象(解密时会用到PasswordEncoder的matches判断是否正确) * 用户的password和客户端clientSecret用到,所以存的时候存该bean encode过的密码 */ @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } /** * 这里是对认证管理器的添加配置 * * @param auth * @throws Exception */ @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth .userDetailsService(userDetailsService) .passwordEncoder(new BCryptPasswordEncoder()); } @Override protected void configure(HttpSecurity http) throws Exception { http.formLogin().permitAll()//注意这里是配置login表单登录的 .and() .authorizeRequests() .anyRequest() .permitAll() .and().csrf().disable().cors(); } }
AuthorizationConfig的配置
package com.xiannanshan.user.config; import com.xiannanshan.user.client.service.impl.ClientDetailsServiceImpl; import com.xiannanshan.user.config.user.UserDetailsServiceImpl; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; /** * @author Yangqi.Pang */ @Configuration @EnableResourceServer @EnableAuthorizationServer public class AuthorizationConfig extends AuthorizationServerConfigurerAdapter { @Autowired private UserDetailsServiceImpl userDetailsService; @Autowired private ClientDetailsServiceImpl clientDetailsService; @Autowired private AuthenticationManager authenticationManager; @Override public void configure(AuthorizationServerSecurityConfigurer security) throws Exception { security .allowFormAuthenticationForClients() .tokenKeyAccess("isAuthenticated()") .checkTokenAccess("permitAll()"); } @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.withClientDetails(clientDetailsService); } @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints.authenticationManager(authenticationManager) .userDetailsService(userDetailsService); super.configure(endpoints); } }
运行起来之后,发现POST /login方法一直不进入UsernamePasswordAuthenticationFilter
经过对比排查发现:原来是我多加了一个注解@EnableResourceServer
问题解决:去掉@EnableResourceServer注解