我有一个使用 spring-security-oauth-2.0.0-M2 构建的应用程序,现在我正在尝试将其升级到 2.0.0.RC1。示例配置发生了显着变化,现在使用 java config。
我已将配置转换为 java config,但我遇到了这个错误。
4937) [tomcat-embed-core-7.0.47.jar:7.0.47] 在 org.apache.catalina.core.StandardContext.startInteral(StandardContext.java:5434) [tomcat-embed-core-7.0.47。 jar:7.0.47] 在 org.apache.catalina.util.LifecycleBase.start(Lifec ycleBase.java:150) [tomcat-embed-core-7.0.47.jar:7.0.47] 在 org.apache.catalina。 core.ContainerBase$StartChild。在 org.apache.catalina.core.ContainerBase$StartChild 调用(ContainerBase.java:1559)[tomcat-embed-core-7.0.47.jar:7.0.47]。调用(ContainerBase.java:1549)[tomcat-embed-core-7.0.47.jar:7.0.47] 在 java.util.concurrent.FutureTask.run(FutureTask.java a:262)[na:1.7.0_45]在 java.util.concurrent.ThreadPoolExecutor.runWorker( ThreadPoolExecutor.java:1145) [na:1.7.0_45] 在 java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:615) [na:1.7.0_45]在 java.lang.Thread.run(Thread.java:
我的配置大多类似于示例 sprklr 配置
@Configuration
@EnableAuthorizationServer
protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
@Autowired
private TokenStore tokenStore;
@Autowired
private UserApprovalHandler userApprovalHandler;
@Autowired
@Qualifier("authenticationManagerBean")
private AuthenticationManager authenticationManager;
@Bean
public TokenStore tokenStore() {
return new InMemoryTokenStore();
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory().withClient("some-client")
.authorizedGrantTypes("authorization_code", "password", "client_credentials")
.authorities("ROLE_USER", "ROLE_CLIENT")
.scopes("play", "trust")
.secret("xyz")
.accessTokenValiditySeconds(6000)
.and()
.withClient("some-other-client")
.authorizedGrantTypes("implicit")
.authorities("ROLE_USER", "ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
.scopes("play", "trust")
.autoApprove(true)
.accessTokenValiditySeconds(6000);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
if (tokenStore == null) {
throw new IllegalStateException("Token store is null");
}
if (userApprovalHandler == null) {
thrownew IllegalStateException ("User approval handler is null");
} if (authenticationManager == null) {
throw new IllegalStateException("Auth manager is null");
}
endpoints
.userApprovalHandler(userApprovalHandler)
.authenticationManager(authenticationManager)
.tokenStore(tokenStore);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
oauthServer.realm("myapp/client");
}
}
如您所见,我正在检查 configure(AuthorizationServerEndpointsConfigurer endpoints) 方法上的空值,一切似乎都很好,但不知何故 AuthorizationServerEndpointsConfiguration$TokenReg istrar 中的注册表从未设置。
(取自 spring security oauth 代码)
@Configuration
protected static class TokenStoreRegistrar implements BeanDefinitionRegistryPostProcessor {
private BeanDefinitionRegistry registry;
// Use a BeanFactoryPostProcessor to register a bean definition for a TokenStore in a safe way (without
// pre-empting a bean specified by the user)
@Override
public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
if (!registry.containsBeanDefinition(TOKEN_STORE_BEAN_NAME)) {
registry.registerBeanDefinition(TOKEN_STORE_BEAN_NAME, new RootBeanDefinition(InMemoryTokenStore.class));
}
}
@Override
public void postProcessBeanDefinitionRegistry(BeanDefinitionRegistry registry) throws BeansException {
this.registry = registry;
}
}