Stack Overflow
Stack Overflow

Questions tagged [spring-security-oauth2]

Spring Security's deprecated implementation of the OAuth2 spec. For OAuth2 with Spring Security 5 use Spring Security tag. We don't get many questions on OAuth 1(a) but feel free to tag them here.

Spring Security's deprecated implementation of the OAuth2 spec. The GitHub Project and the Spring Framework Website provide support for using Spring Security 4 with OAuth (1a) and OAuth2. It provides features for implementing both consumers and providers of these protocols using standard Spring and Spring Security programming models and configuration idioms.

3166 questions
7
votes
1 answer

Spring OAuth2 issues

I was converting xml based configuration (from source ) to java configuration. I have placed both the files below, it was working with xml configuration but cannot authenticate after changing to java configuration. Can anyone shed some ideas how to…
user1595858
  • 3,700
  • 15
  • 66
  • 109
7
votes
3 answers

SSL / Proxy Issue using Spring Cloud OAuth2

I adapted the following OAauth2 Spring Cloud samples: Authserver / SSO The only change I made, was using JPA on the Authserver side to check the credentials from a database. Everything works well, except deploying it behind an nginx proxy. As used…
Thilo
  • 81
  • 1
  • 6
7
votes
1 answer

Customize Spring Security OAuth 2 Response

In my Java app, I'm using the Spring Security OAuth 2 library to implement an OAuth provider. The response to a successful authentication (for the authorization_code grant type) is something like: {"access_token":…
Antonio Dragos
  • 1,973
  • 2
  • 29
  • 52
7
votes
5 answers

spring security oauth2 ClassCastException configuring DefaultTokenServices

I'm trying to run an sample application using spring boot and spring security oauth with a configured JdbcTokenStore and a DefaultTokenServices with infinite lifetime access tokens. Running this application with gradle bootRun, the application won't…
joo
  • 170
  • 1
  • 9
7
votes
1 answer

org.springframework.security.oauth2.provider.endpoint.TokenEndpoint handleException

I'm using "Spring OAuth2 REST" code from http://www.e-zest.net/blog/rest-authentication-using-oauth-2-0-resource-owner-password-flow-protocol/#comment-5993 and developing to work with the latest version of Spring-Security-OAuth2 (which is v…
PAA
  • 1
  • 46
  • 174
  • 282
7
votes
1 answer

Spring-boot oauth2 splitting authorization server and resource server

Im trying to split the resource server from the authorization server in spring-boot. I have two different applications that i'm running separately. In the authorization server i can get the bearer token from oauth/token but when i'm trying to get…
thomasso
  • 280
  • 1
  • 5
  • 12
7
votes
1 answer

Spring-Oauth2 Access Token request never succeeds due to missing CSRF 'preserved state'

I've been working the last couple days to get an implementation of spring boot / spring security / and java configuration working with spring-security-oauth2. I've managed to work through most of the difficulties, but am stumped as to what is going…
RutledgePaulV
  • 2,568
  • 3
  • 24
  • 47
7
votes
3 answers

Spring Security OAuth2 Redirect Loop

I have a oauth2 client spring-boot application with dependencies: - spring-boot 1.2.0.RC1 - spring-security-oauth2 2.0.4.RELEASE - spring-security 3.2.5.RELEASE The client authenticates, the authentication is set in the SecurityContextHolder but…
Yoandy Terradas
  • 153
  • 2
  • 9
7
votes
2 answers

Spring Security OAuth2 Java Config for Google Login

I am migrating working XML configuration to Java configuration for Spring Security OAuth2 and using Google as the OAuth provider. This is how my java configuration…
Kumar Sambhav
  • 7,503
  • 15
  • 63
  • 86
7
votes
2 answers

Spring OAuth2 "Full authentication is required to access this resource"

I'm trying to use Spring OAuth2 for my rest app. But looks like I made a mistake and I can find where I did it. The flow should be: 1. get token from /oauth/token with username and password 2. make request to /security with provided…
Alex
  • 967
  • 4
  • 15
  • 38
7
votes
1 answer

Spring security OAuth2 authorization process

Can anybody tell me what http GET or POST methods should I sequentially call in order to authorize to my apache cxf web services and get access to resources? I tried to…
Shendor
  • 749
  • 2
  • 11
  • 18
7
votes
2 answers

Does OAuth2 allow for authorization using non-password or custom credentials?

I'm using Spring Security OAuth2. The client application (that we own) makes a "password" grant request that passes the user's username and password. Just like the draft specifies. I need this mechanism to also support other types of credentials,…
revdev
  • 215
  • 2
  • 9
7
votes
1 answer

Spring Security OAuth2 simple configuration

I have a simple project that requires the simple following configuration : I have a "password" grant_type, which means I can submit the username/password (that the user enters in my login form), and get an access_token on success. With that…
Shotgun
  • 668
  • 2
  • 10
  • 24
7
votes
1 answer

Spring security oauth 2 simple example

I try to implement my own example based on official tutorial Sparklr2/Tonr2. Everything looks good but when I remove from web.xml in my Tonr2 implementation, spring security filter I have exception: No redirect URI has been established for the…
chaldaean
  • 1,222
  • 2
  • 13
  • 24
6
votes
1 answer

Unable to make the oauth2Login as stateless

I have provided the cookie based authorization request repository to oauth2Login() dsl to make it as stateless. but when I add the session creation policy as STATELESS , the oauth2 login is not working and returning "too many callbacks" error in UI…
Rajeev
  • 183
  • 2
  • 10
1 2 3
99 100