Spring REST with OAuth2.0 not working

Question

I am working on Spring REST with OAuth2 integration nad below are the details :

Spring : 4.3.0
Spring Security : 4.1.0
Sping OAuth : 2.3.0
JDK 1.6
Deployed in both Tomcat 7.0 and Websphere 7.

I am able to deploy the project and able to access the Resource as well. But OAuth not working. Without passing token etccc I am ble to get the response from the REST service.

Controller : https://gist.github.com/nareshnaredla2424/803b4e3aa0428ecbd36aacd86d47d7c6

AuthorizationServerConfigurerAdapter : https://gist.github.com/nareshnaredla2424/3e9baf2c895045db8b71b57b129392fd

ResourceServerConfigurerAdapter : https://gist.github.com/nareshnaredla2424/2de1fa631fc172b5d2cb2ccab80cb209

WebSecurityConfigurerAdapter: https://gist.github.com/nareshnaredla2424/66473b3e7644bf3fbdcf783a8e73a191

GlobalMethodSecurityConfiguration: https://gist.github.com/nareshnaredla2424/799d9153a1413aecbd49243fe2275dc5

AbstractAnnotationConfigDispatcherServletInitializer : https://gist.github.com/nareshnaredla2424/b64a424ee0f98050e3d5c6c58fa53e27

WebMvcConfigurerAdapter: https://gist.github.com/nareshnaredla2424/b66c35efbafdc8a64843d78455dc8d92

I am Facing this issue from few days.

Could anybody please help me to resolve this issue.

Thank you.

Oauth not working means you can get the token or you have token and it can't be verified ? Can you elaborate your issue ? — Paulin Amougou, Jun 23 '18 at 15:50
I have a method which will be accepting a GET request and give response as JSON. If I send GET request it has to give error message like not authorised right. But I am able to get the JSON response directly means without passing token. — Naresh.Naredla, Jun 23 '18 at 16:26

score 0 · Answer 1 · answered Jun 23 '18 at 18:33

0

Try this few changes :

In OAuth2ResourceServerConfig class,remove the method :

public void configure(HttpSecurity http) throws Exception and the class will look like :

@Configuration
@EnableResourceServer
public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter {

    private static final String RESOURCE_ID = "SPRING_REST_API";

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        resources.resourceId(RESOURCE_ID).stateless(false);
    }
}

In OAuth2SecurityConfig class, update the method :

protected void configure(HttpSecurity http) by adding antMatchers("/**").authenticated() like this :

@Override
    protected void configure(HttpSecurity http) throws Exception {
        http
        .csrf().disable()
        .anonymous().disable()
        .authorizeRequests()
        .antMatchers("/oauth/token").permitAll()
        .antMatchers("/**").authenticated();
    }

answered Jun 23 '18 at 18:33

Paulin Amougou

139
1
10

I tried as you suggested above. But same issue repeated. – Naresh.Naredla Jun 23 '18 at 23:27
Could anybody help me – Naresh.Naredla Jun 24 '18 at 00:35
Can anybody help me please – Naresh.Naredla Jun 25 '18 at 04:36
Could anybody Help me please – Naresh.Naredla Jun 25 '18 at 14:51
I was able to deploy and working fine Tomcat. Same project I deployed in Websphere 7. – Naresh.Naredla Jun 27 '18 at 12:13
In Websphere7 it is not working. Any additional changes do we need to do? – Naresh.Naredla Jun 27 '18 at 12:13

Spring REST with OAuth2.0 not working

1 Answers1