Multiple Resource server configuration in Spring security OAuth -

-

i trying use single auth server access multiple resource servers multiple clients.

i trying access 2 resource servers same auth server , configuration of resource servers goes below.

@bean @scope("prototype")  protected resourceserverconfiguration resource1() {      resourceserverconfiguration resource = new resourceserverconfiguration();     resource.setconfigurers(arrays.<resourceserverconfigurer> aslist(new resourceserverconfigureradapter() {     @override     public void configure(resourceserversecurityconfigurer resources) throws exception {         resources.resourceid(resource_id1).tokenstore(tokenstore);     }      @override     public void configure(httpsecurity http) throws exception {         http         .csrf().disable()         .requestmatchers().antmatchers("/greeting")         .and()         .authorizerequests()         .antmatchers("/users").hasrole("admin");                     } }    resource.setorder(4);     return resource; }  @bean @scope("prototype")  protected resourceserverconfiguration resource2() {     resourceserverconfiguration resource = new resourceserverconfiguration();     resource.setconfigurers(arrays.<resourceserverconfigurer> aslist(new resourceserverconfigureradapter() {         @override         public void configure(resourceserversecurityconfigurer resources) throws exception {             resources.resourceid(resource_id2).tokenstore(tokenstore);         }          @override         public void configure(httpsecurity http) throws exception {             http             .csrf().disable()             .requestmatchers().antmatchers("/welcome")             .and()             .authorizerequests()             .antmatchers("/users").hasrole("admin");         }     }        resource.setorder(5);     return resource; }

since default order of websecurityconfigureradapter 3,i have configured order of resource servers 4 , 5 respectively.

but configured beans getting overridden , can access resource "/welcome" has order 5 , if try access resource "/greeting",i getting following error,

{  "timestamp": 1444400211270,  "status": 403,  "error": "forbidden",  "message": "expected csrf token not found. has session expired?",  "path": "/greeting"}

if interchange order between resources,i can access resource has highest value 5.

note:i have 2 clients 1 can access resource1 , can access resource2.

please advice things missing.

from javadoc of resourceserverconfigurer:

applications may provide multiple instances of interface, , in general (like other security configurers), if more 1 configures same property, last 1 wins. configurers sorted {@link order} before being applied.

so maybe put permitall() on /welcome path in both configuration.


Comments

Post a Comment

Popular posts from this blog

How to show in django cms breadcrumbs full path? -

-
need advice - how show in breadcrumbs whole path article or page? i've got code: {% ance in ancestors %} <li> {% if not forloop.last %} <a href="{{ ance.get_absolute_url }}">{{ ance.get_menu_title }}</a> {% else %} <span class="active">{{ ance.get_menu_title }}</span> {% endif %} </li> {% endfor %} but shows "home" , current page. how modify show whole path in breadcrumbs? i've found in file menu_tags.py code calls ancestors. @ least there class showbreadcrumbs: class showbreadcrumb(inclusiontag): """ shows breadcrumb node has same url current request - start level: after level should breadcrumb start? 0=home - template: template used render breadcrumb """ name = 'show_breadcrumb' template = 'menu/dummy.html' options = options( argument('start_level', default=0, require...
Read more

php - Invalid Cofiguration - yii\base\InvalidConfigException - Yii2 -

-
Image
i've installed yii2-user module/dektrium yii2-app-basic application command composer require "dektrium/yii2-user:0.9.*@dev" config/console.php return [ . . 'modules' => [ 'gii' => 'yii\gii\module', 'user' => [ 'class' => 'dektrium\user\module', ], ], . . ] config/web.php 'components' => [ . . /* 'user' => [ 'identityclass' => 'app\models\user', 'enableautologin' => true, ], */ 'modules' => [ 'user' => [ 'class' => 'dektrium\user\module', ], ], . . ] after that, run command $ php yii migrate/up --migrationpath=@vendor/dektrium/yii2-user/migrations updating database schema . but, when run http://localhost/mylawsuit/yii/web/index.php?r=u...
Read more

ruby on rails - npm error: tunneling socket could not be established, cause=connect ETIMEDOUT -

-
i have app uses rails framework , implements angularjs part of front end. i have pushed heroku , have heroku toolbelt installed, when try migrate db using "heroku run rake db:migrate" receive following error(s): installing core plugins heroku-cli-addons, heroku-apps, heroku-fork, heroku-git, heroku-local, heroku-run, heroku-status... error installing package. try running again gode_debug=info see more output. ! `run` not heroku command. ! perhaps meant `-h`, `2fa`, `auth`, `join`, `open`, `orgs`, `pg`, `ps` or `rake`. ! see `heroku help` list of available commands. i run command "gode_debug=info heroku run rake db:migrate" , receive error: npm err! darwin 14.5.0 npm err! argv "/users/christopher_pelnar/.heroku/node-v4.2.1-darwin-x64/bin/node" "/users/christopher_pelnar/.heroku/node-v4.2.1-darwin-x64/lib/node_modules/npm/cli.js" "install" "heroku-cli-addons" "heroku-apps" "heroku-fork...
Read more