Menu
I'm currently working on a Oauth2 implementation with Spring Security, and I found many documentations that use ResourceServerConfigurerAdapter along with the WebSecurityConfigurerAdapter.
I hope someone can tell me the differences between the two configurations because I really get confused in which configure(HttpSecurity http) method to use since both classes offer one.
I've found some similar questions here in stackoverflow but there are not clearly answered.
531
From reading the JavaDocs I think the only purpose it's to separate the concerns for OAuth2 Resources authentication from the WebSecurityConfigurerAdapters which contains all sorts of security filters.
Additionally it seems like you should add @EnableResourceServer annotation and provide a @Bean of type ResourceServerConfigurer via ResourceServerConfigurerAdapter. The annotation will basically create another WebSecurityConfigurerAdapters with an hard-coded order of 3.
So to summarise you will have 2 or more WebSecurityConfigurerAdapters but one is specific to OAuth2 authentications.
184
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
