Menu
I'm working on spring-security-oauth2-1.0.3.RELEASE, trying to set up an oauth client to get user authenticated with google.
I spent quit a while on this and still don't find much good article explaining very clearly.
What I'm doing is to put an OAuth2ClientAuthenticationProcessingFilter into the filter chain like this:
<http xmlns="http://www.springframework.org/schema/security"
use-expressions="true" pattern="/oauth.html" auto-config="true">
<sec:intercept-url pattern="/**" access="isFullyAuthenticated()" />
<custom-filter ref="oauth2ClientFilter" position="CAS_FILTER" />
<sec:custom-filter ref="googleAuthFilter" after="CAS_FILTER" />
</http>
A custom-filter: googleAuthFilter is there to protect my URL.
Reading the source code of OAuth2ClientAuthenticationProcessingFilter, it requires a reference to
Now I'm confused. Spring-security-oauth is divided into 2 parts: client and provider.
Since I'm just setting up an Oauth client, why do I need to have a reference of a class from Oauth provider packages?
Also, How should I set up the ResourceServerTokenServices? Now I'm trying to use the defualt implementaiton. Because DefaultTokenServices again requires reference to
So far I tried all the default implementations:
and it seems not to work...
Thanks!
552
asked Apr 24 '26 11:04
I thought I might write something. But the version you are using is very old, recent version of Spring Security OAuth2 is very easy to use and have applied wide - many document. Let's make some search :D
http://jhasaket.blogspot.com/2014/09/securing-spring-mvc-application-using.html
53
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
