org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 null
来源:4-6 搭建OAuth2资源服务器
慕仔6078626
2020-03-12
集成资源服务调用认证服务出现异常信息如下:org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 null
后台打印异常信息:
org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 null
at org.springframework.web.client.HttpClientErrorException.create(HttpClientErrorException.java:81) ~[spring-web-5.1.8.RELEASE.jar:5.1.8.RELEASE]
at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:122) ~[spring-web-5.1.8.RELEASE.jar:5.1.8.RELEASE]
at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:102) ~[spring-web-5.1.8.RELEASE.jar:5.1.8.RELEASE]
at org.springframework.security.oauth2.provider.token.RemoteTokenServices$1.handleError(RemoteTokenServices.jav
请问有人知道我哪里写错了吗?贴代码如下
认证服务代码:
/**
*
*/
package com.imooc.security.server.auth;
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
/**
- @author jojo
*/
@Configuration
@EnableAuthorizationServer
public class OAuth2AuthServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private DataSource dataSource;
@Autowired
private PasswordEncoder passwordEncoder;
@Autowired
private UserDetailsService userDetailsService;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager);
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient("orderApp")
.secret(passwordEncoder.encode("123456"))
.scopes("read","write")
.accessTokenValiditySeconds(3600)
.resourceIds("order-server")
.authorizedGrantTypes("password")
.and()
.withClient("orderService")
.secret(passwordEncoder.encode("123456"))
.scopes("read","write")
.accessTokenValiditySeconds(3600)
.resourceIds("order-server")
.authorizedGrantTypes("password", "authorization_code", "refresh_token") ;
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security .tokenKeyAccess("isAuthenticated()").checkTokenAccess("permitAll()") ;
}
}
资源服务代码:
package com.mice.server.resource;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
@Configuration
@EnableResourceServer
public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter {
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception { // 生命自己的id
resources.resourceId("order-server");
}
/*
* @Override public void configure(HttpSecurity http) throws Exception {
* //那些不需要授权,在这里配置
* http.authorizeRequests().antMatchers("/haha").permitAll().anyRequest().
* authenticated(); }
*/
}
package com.mice.server.resource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationManager;
import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
@Configuration
@EnableWebSecurity
public class Ouath2WebSecurityConfig extends WebSecurityConfigurerAdapter {
/*
* @Autowired private PasswordEncoder passwordEncoder;
*/
@Bean
public ResourceServerTokenServices tokenServices() {
RemoteTokenServices tokenServices = new RemoteTokenServices();
tokenServices.setClientId("orderService");
tokenServices.setClientSecret("123456");
tokenServices.setCheckTokenEndpointUrl("http://localhost:9090/ouath/check_token");
return tokenServices;
}
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
OAuth2AuthenticationManager auth2AuthenticationManager = new OAuth2AuthenticationManager();
auth2AuthenticationManager.setTokenServices(tokenServices());
return auth2AuthenticationManager;
}
}
3回答
-
慕粉3333946
2021-03-30
一样的问题,解决了吗
00 -
慕用7359371
2020-08-02
一样的问题,解决了吗?
00 -
我是可愛蛋蛋
2020-07-17
把方法改成这个试试
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security.checkTokenAccess("permitAll()");
}00
相似问题