Не удалось передать аутентификацию Spring Security

Sumit Suman спросил: 11 июня 2018 в 10:58 в: spring

Невозможно передать аутентификацию с весной безопасности

AuditEvent [timestamp = 2018-07-05T12: 08: 06.306Z, main = anonymousUser, type = AUTHORIZATION_FAILURE, data = {details = org.springframework .security.web.authentication.WebAuthenticationDetails @ 0: RemoteIpAddress: 0: 0: 0: 0: 0: 0: 0: 1; SessionId: EF4FF849385896FA97E6E071393AC5E7, type = org.springframework.security.access.AccessDeniedException, message = Доступ запрещен}]

Моя конфигурация:

@EnableAuthorizationServer
@Configuration
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter{    //@Autowired
    private AuthenticationManager authenticationManagerBean;    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        security.tokenKeyAccess("permitAll()")
            .checkTokenAccess("isAuthenticated()")
            .allowFormAuthenticationForClients();
    }    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
            .withClient("clientId")
            .secret("secret")
            .authorizedGrantTypes("authorization_code")
            .scopes("user_info")
            .autoApprove(true);
    }    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.authenticationManager(authenticationManagerBean);
    }
}@EnableResourceServer
@Configuration
public class ResourceServerConfig extends WebSecurityConfigurerAdapter{    //@Autowired
    private AuthenticationManager authenticationManagerBean;    @Bean(name = BeanIds.AUTHENTICATION_MANAGER)
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.requestMatchers()
            .antMatchers("/login", "/oauth/authorize")
            .and()
            .authorizeRequests()
            .anyRequest()
            .authenticated()
            .and()
            .formLogin()
            .permitAll()
            .and()
            .csrf().disable();
    }    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.parentAuthenticationManager(authenticationManagerBean)
            .inMemoryAuthentication()
            .withUser("sumit")
            .password("sumit")
            .roles("USER");
    }
}application.properties
server.port=8081
server.servlet.context-path=/auth@RestController
@RequestMapping("/rest/hello")
public class HelloResource {    @GetMapping("/principal")
    public Principal user(Principal principal) {
        return principal;
    }    @GetMapping
    public String hello() {
        return "hello world";
    }
}

0 ответов