Spring 引导和 OAuth2 示例:重定向不起作用
Spring Boot and OAuth2 example: redirect not working
我正在尝试重复 tutorial 中的 "Spring Boot and OAuth2" 示例。
我运行和"gradlew bootRun"的例子。
它在 Windows 上正常工作,但我在 Ubuntu 14.04 上遇到问题。
当我单击 "login" 按钮时,服务不会执行重定向到授权服务器(例如 facebook),几分钟后 return 超时。
该服务的日志包含以下行:
o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /login' doesn't match 'POST /logout
o.s.security.web.FilterChainProxy : /login at position 6 of 12 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/login'
uth2ClientAuthenticationProcessingFilter : Request is to process authentication
如有任何帮助,我将不胜感激。
谢谢。
教程源代码位于 github
我的源代码如下:
build.gradle
buildscript {
repositories {
mavenCentral()
}
dependencies {
classpath("org.springframework.boot:spring-boot-gradle-plugin:1.4.1.RELEASE")
}
}
apply plugin: 'java'
apply plugin: 'idea'
apply plugin: 'spring-boot'
sourceCompatibility = '1.8'
targetCompatibility = '1.8'
repositories {
mavenCentral()
}
dependencies {
compile("org.springframework.boot:spring-boot-starter-security")
compile("org.springframework.boot:spring-boot-starter-web")
compile("org.springframework.security.oauth:spring-security-oauth2")
compile("org.webjars:webjars-locator")
compile("org.webjars:angularjs:1.4.3")
compile("org.webjars:jquery:2.1.1")
compile("org.webjars:bootstrap:3.2.0")
testCompile group: 'junit', name: 'junit', version: '4.11'
}
application.yml
security:
oauth2:
client:
clientId: 233668646673605
clientSecret: 33b17e044ee6a4fa383f46ec6e28ea1d
accessTokenUri: https://graph.facebook.com/oauth/access_token
userAuthorizationUri: https://www.facebook.com/dialog/oauth
tokenName: oauth_token
authenticationScheme: query
clientAuthenticationScheme: form
resource:
userInfoUri: https://graph.facebook.com/me
logging:
level:
org.springframework.security: DEBUG
SocialApplication.java
@SpringBootApplication
@EnableOAuth2Sso
@RestController
public class SocialApplication extends WebSecurityConfigurerAdapter {
@RequestMapping("/user")
public Principal user(Principal principal) {
return principal;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**").authorizeRequests().antMatchers("/", "/login**", "/webjars/**").permitAll()
.anyRequest().authenticated()
.and().logout().logoutSuccessUrl("/").permitAll()
.and().csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
public static void main(String[] args) {
SpringApplication.run(SocialApplication.class, args);
}
}
超时是由安全随机调用引起的。
我的解决方案是以下几行:
bootRun {
jvmArgs = ["-Djava.security.egd=file:/dev/./urandom"]
}
我正在尝试重复 tutorial 中的 "Spring Boot and OAuth2" 示例。
我运行和"gradlew bootRun"的例子。 它在 Windows 上正常工作,但我在 Ubuntu 14.04 上遇到问题。 当我单击 "login" 按钮时,服务不会执行重定向到授权服务器(例如 facebook),几分钟后 return 超时。
该服务的日志包含以下行:
o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /login' doesn't match 'POST /logout
o.s.security.web.FilterChainProxy : /login at position 6 of 12 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/login'
uth2ClientAuthenticationProcessingFilter : Request is to process authentication
如有任何帮助,我将不胜感激。 谢谢。
教程源代码位于 github
我的源代码如下:
build.gradle
buildscript {
repositories {
mavenCentral()
}
dependencies {
classpath("org.springframework.boot:spring-boot-gradle-plugin:1.4.1.RELEASE")
}
}
apply plugin: 'java'
apply plugin: 'idea'
apply plugin: 'spring-boot'
sourceCompatibility = '1.8'
targetCompatibility = '1.8'
repositories {
mavenCentral()
}
dependencies {
compile("org.springframework.boot:spring-boot-starter-security")
compile("org.springframework.boot:spring-boot-starter-web")
compile("org.springframework.security.oauth:spring-security-oauth2")
compile("org.webjars:webjars-locator")
compile("org.webjars:angularjs:1.4.3")
compile("org.webjars:jquery:2.1.1")
compile("org.webjars:bootstrap:3.2.0")
testCompile group: 'junit', name: 'junit', version: '4.11'
}
application.yml
security:
oauth2:
client:
clientId: 233668646673605
clientSecret: 33b17e044ee6a4fa383f46ec6e28ea1d
accessTokenUri: https://graph.facebook.com/oauth/access_token
userAuthorizationUri: https://www.facebook.com/dialog/oauth
tokenName: oauth_token
authenticationScheme: query
clientAuthenticationScheme: form
resource:
userInfoUri: https://graph.facebook.com/me
logging:
level:
org.springframework.security: DEBUG
SocialApplication.java
@SpringBootApplication
@EnableOAuth2Sso
@RestController
public class SocialApplication extends WebSecurityConfigurerAdapter {
@RequestMapping("/user")
public Principal user(Principal principal) {
return principal;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**").authorizeRequests().antMatchers("/", "/login**", "/webjars/**").permitAll()
.anyRequest().authenticated()
.and().logout().logoutSuccessUrl("/").permitAll()
.and().csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
}
public static void main(String[] args) {
SpringApplication.run(SocialApplication.class, args);
}
}
超时是由安全随机调用引起的。
我的解决方案是以下几行:
bootRun {
jvmArgs = ["-Djava.security.egd=file:/dev/./urandom"]
}