0

我使用 Spring security Oauth2 在 java 中创建了一个 RESTEasy 服务,用于身份验证和令牌生成。一切对我来说都很好,但是当我尝试访问我的服务以从浏览器 REST 客户端生成令牌时,它会要求提供凭据,但它会失败,但同时如果我通过 Java 中的 HTTPClient 访问相同的服务,它对我有用,

HttpClient client = new DefaultHttpClient();
    HttpPost post = new HttpPost("http://localhost:80/my-rest-application/oauth/token");

          List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(1);
          nameValuePairs.add(new BasicNameValuePair("client_id","myclientid"));
          nameValuePairs.add(new BasicNameValuePair("client_secret","myclientsecret"));
          nameValuePairs.add(new BasicNameValuePair("username","someuser"));
          nameValuePairs.add(new BasicNameValuePair("password","somepassword"));
          nameValuePairs.add(new BasicNameValuePair("grant_type","password"));

          post.setEntity(new UrlEncodedFormEntity(nameValuePairs));

          HttpResponse response = client.execute(post);

java中的Http客户端为我工作,但在浏览器休息客户端中它要求凭据并返回错误请求 浏览器休息客户端响应

知道为什么会这样吗?

我的配置,

<http pattern="/oauth/token" create-session="stateless"
    authentication-manager-ref="clientAuthenticationManager"
    xmlns="http://www.springframework.org/schema/security" > 
    <intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
    <anonymous enabled="false" />
    <http-basic entry-point-ref="clientAuthenticationEntryPoint" />
    <!-- include this only if you need to authenticate clients via request parameters -->
    <custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER" /> 
    <access-denied-handler ref="oauthAccessDeniedHandler" />
</http>


<authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
    <authentication-provider user-service-ref="clientDetailsUserService" />
</authentication-manager>

<bean id="clientDetailsUserService"
    class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
    <constructor-arg ref="clientDetails" />
</bean>

<bean id="clientDetails" class="my own client details implementation"/>



<bean id="clientAuthenticationEntryPoint"
    class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
    <!-- <property name="realmName" value="springsec/client" /> -->
    <property name="realmName" value="test/client" />
    <property name="typeName" value="Basic" />
</bean>

<bean id="clientCredentialsTokenEndpointFilter"
    class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
    <property name="authenticationManager" ref="clientAuthenticationManager" />
</bean>

<authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
    <authentication-provider user-service-ref="clientDetailsUserService" />
</authentication-manager>
4

1 回答 1

0

content-type将 REST 客户端上的更改为application/x-www-form-urlencoded

于 2014-03-05T10:45:27.110 回答