具有以下的web.xml基於類的配置:春天的oauth2 InsufficientAuthenticationException
public class WebApp extends AbstractDispatcherServletInitializer {
@Override
protected WebApplicationContext createServletApplicationContext() {
AnnotationConfigWebApplicationContext context = new AnnotationConfigWebApplicationContext();
context.scan(ClassUtils.getPackageName(getClass()));
return context;
}
@Override
protected String[] getServletMappings() {
return new String[]{"/api/*"};
}
@Override
protected WebApplicationContext createRootApplicationContext() {
return null;
}
@Override
public void onStartup(ServletContext servletContext) throws ServletException {
super.onStartup(servletContext);
DelegatingFilterProxy filter = new DelegatingFilterProxy("springSecurityFilterChain");
filter.setServletContext(servletContext);
filter.setContextAttribute("org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher");
servletContext.addFilter("springSecurityFilterChain", filter).addMappingForUrlPatterns(null, false, "/api/*");
}
}
當試圖訪問的OAuth端點我得到以下結果之一:
curl -u core:secret "http://localhost:8081/api/oauth/token?client_id=core&grant_type=password&username=user&password=123&response_type=token&scope=admin"
{"error":"unauthorized","error_description":"There is no client authentication. Try adding an appropriate authentication filter."}%
奇怪這是當我將servlet的映射從/ api/*更改爲/時,它按預期工作。所以有些事情一定是錯的,但我無能爲力?