SpringBoot1.3+ OAuth:身份验证请求失败: BadCredentialsException:无法获得访问令牌
SpringBoot1.3+ OAuth:身份验证请求失败: BadCredentialsException:无法获得访问令牌
提问于 2016-03-19 16:55:54
我正在尝试使用OAuth身份提供程序来验证WSO2 SpringBoot1.3。
org.springframework.security.authentication.BadCredentialsException:问题:身份验证请求失败:无法获得访问令牌
问题:为了获得访问令牌,我的代码/配置中缺少了什么。
application.yml
security:
oauth2:
client:
clientId: 6kRDeCMVKjYzH7duL33AFAYX8dka
clientSecret: USEZhqRyCfF_dIdEIjFolFOkTAoa
accessTokenUri: https://localhost:9443/oauth2/token
userAuthorizationUri: https://localhost:9443/oauth2/authorize
clientAuthenticationScheme: form
resource:
schema=openid
userInfoUri: https://localhost:9443/oauth2/userinfo?schema=openidApplication.groovy
@SpringBootApplication
@EnableOAuth2Sso
class Application extends GrailsAutoConfiguration {
static void main(String[] args) {
GrailsApp.run(Application, args)
}
@Bean public RequestContextListener requestContextListener(){
return new RequestContextListener();
}
}输出:
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Request '/login' matched by universal pattern '/**'
DEBUG org.springframework.security.web.FilterChainProxy - /login?code=4ccb21df259c452e187421d46b984cf3&state=ioU1XC at position 1 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
DEBUG org.springframework.security.web.FilterChainProxy - /login?code=4ccb21df259c452e187421d46b984cf3&state=ioU1XC at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@67c3c622. A new one will be created.
DEBUG org.springframework.security.web.FilterChainProxy - /login?code=4ccb21df259c452e187421d46b984cf3&state=ioU1XC at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
DEBUG org.springframework.security.web.header.writers.HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@681bd9a9
DEBUG org.springframework.security.web.FilterChainProxy - /login?code=4ccb21df259c452e187421d46b984cf3&state=ioU1XC at position 4 of 12 in additional filter chain; firing Filter: 'CsrfFilter'
DEBUG org.springframework.security.web.FilterChainProxy - /login?code=4ccb21df259c452e187421d46b984cf3&state=ioU1XC at position 5 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Request 'GET /login' doesn't match 'POST /logout
DEBUG org.springframework.security.web.FilterChainProxy - /login?code=4ccb21df259c452e187421d46b984cf3&state=ioU1XC at position 6 of 12 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/login'; against '/login'
DEBUG org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter - Request is to process authentication
DEBUG org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter - Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Could not obtain access token
DEBUG org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter - Updated SecurityContextHolder to contain null Authentication
DEBUG org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter - Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@1ed9d99c
DEBUG org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler - No failure URL set, sending 401 Unauthorized error
DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed回答 1
Stack Overflow用户
回答已采纳
发布于 2016-03-19 18:06:01
我发现了问题。
问题:,因为我在开发模式下使用WSO2标识服务器,带有一个自签名证书,不信任它。而且,在对WSO2端点的某些HTTP请求中,此无效证书导致连接失败。
临时解决方案:在您的开发模式中关闭SSL检查。
解决方案:生产环境中的,请确保您的WSO2标识服务器有一个有效的证书。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/36104477
复制相关文章
相似问题
腾讯云开发者
