Geek Answers Handbook

403 forbidden when accessing / oauth / token in spring oauth

I try to implement Spring oauth 2.0 and I get 403 Forbidden error.

Spring -security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
    xmlns:security="http://www.springframework.org/schema/security"    
    xsi:schemaLocation="
        http://www.springframework.org/schema/beans 
        http://www.springframework.org/schema/beans/spring-beans.xsd
          http://www.springframework.org/schema/security/oauth2
        http://www.springframework.org/schema/security/spring-security-oauth2.xsd       
        http://www.springframework.org/schema/security 
        http://www.springframework.org/schema/security/spring-security.xsd">

    <!-- Stateless RESTful services use BASIC authentication -->
    <security:http use-expressions="true" auto-config='true' create-session="stateless" authentication-manager-ref="authenticationManager">
        <security:intercept-url pattern="/oauth/**" access="isAnonymous()"/>
                <security:intercept-url pattern="/rest/**" />
        <security:http-basic/>

        <access-denied-handler ref="oauthAccessDeniedHandler"/>  
    </security:http>
    <oauth:authorization-server client-details-service-ref="client-details-service" token-services-ref="tokenServices">  
        <oauth:authorization-code />  
        <oauth:implicit />  
        <oauth:refresh-token />  
        <oauth:client-credentials />  
  <oauth:password authentication-manager-ref="authenticationOauthManager"/>   
    </oauth:authorization-server> 
    <beans:bean id="clientCredentialsTokenEndpointFilter"  
      class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">  
    <beans:property name="authenticationManager" ref="authenticationManager"/>  
    </beans:bean> 

    <beans:bean id="jdbcDaoImpl" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
        <beans:property name="enableGroups" value="true" />
         <beans:property name="enableAuthorities" value="false" />
        <beans:property name="dataSource" ref="dataSource" />
    </beans:bean> 

    <!-- Oauth Client Verification Configuration -->
    <oauth:client-details-service id="client-details-service">


        <!-- Web Application clients -->
        <oauth:client
                client-id="NofaAdmin"
                secret="655f523128212d6e70634446224c2a48"
                authorized-grant-types="password,refresh_token,authorization_code"

                access-token-validity="5184000"
                refresh-token-validity="5184000"
                />
</oauth:client-details-service>



    <beans:bean id="clientAuthenticationEntryPoint"
          class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
        <beans:property name="typeName" value="Basic"/>
    </beans:bean>



    <beans:bean id="oauthAccessDeniedHandler"
          class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler"/>  
    <!-- Token Generation -->
    <beans:bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">  
        <beans:property name="tokenStore" ref="tokenStore"/>  
        <beans:property name="supportRefreshToken" value="true"/>  
        <beans:property name="clientDetailsService" ref="client-details-service"/>  
    </beans:bean>

    <security:authentication-manager alias="authenticationOauthManager">
        <security:authentication-provider>
        <security:user-service>
        <security:user name="admin" password="password" authorities="ROLE_USER" />
        </security:user-service>
        </security:authentication-provider>
    </security:authentication-manager>
<!--    Storing Generated Tokens In Database
 -->     <!-- <beans:bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.JdbcTokenStore">
       <beans:constructor-arg ref="dataSource" />
    </beans:bean>  -->
        <beans:bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore"/>  

    <oauth:resource-server id="resourceServerFilter" token-services-ref="tokenServices"/>

    <!-- Security JDBC Authentication Manager -->
    <security:authentication-manager alias="authenticationManager" xmlns="http://www.springframework.org/schema/security">
        <security:authentication-provider>
           <security:jdbc-user-service data-source-ref="dataSource"
          users-by-username-query=
          "select email,password,1 from USER where email=?" 

            authorities-by-username-query=
            "select * from ROLE r INNER JOIN (select * from USER u INNER JOIN ROLE_USER ru on u.ID=ru.USER_ID where u.email=? limit 1) roleobj on roleobj.ROLE_ID=r.ID"/>
        </security:authentication-provider>
    </security:authentication-manager>

</beans:beans>
<!-- <security:global-method-security jsr250-annotations="enabled" access-decision-manager-ref="accessDecisionManager"/>  
    <beans:bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">  
    <beans:property name="decisionVoters">   
        <beans:list>  
            <beans:bean class="org.springframework.security.access.annotation.Jsr250Voter"/>  
        </beans:list>  
    </beans:property>  
</beans:bean>  -->

Context.xml Application

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:mvc="http://www.springframework.org/schema/mvc"   
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:context="http://www.springframework.org/schema/context"
    xsi:schemaLocation="
        http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/mvc
        http://www.springframework.org/schema/mvc/spring-mvc.xsd
        http://www.springframework.org/schema/context
  http://www.springframework.org/schema/context/spring-context.xsd">
<beans default-autowire="byName">
    <!-- 
        <bean id="entityManagerFactory"
        class="org.springframework.orm.jpa.LocalEntityManagerFactoryBean">
        <property name="persistenceUnitName" value="m2m"/>
        </bean>
    -->


    <bean id="currencyRateService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/CurrencyRateService/remote" />
    </bean>
    <bean id="reportService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/ReportService/remote" />
    </bean>
    <bean id="invoiceService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/InvoiceService/remote" />
    </bean>
    <bean id="entercarduserService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/EnterCardUserService/remote" />
    </bean>
    <bean id="userService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/UserService/remote" />
    </bean>
    <bean id="userLoginStatusService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/UserLoginStatusService/remote" />
    </bean>
    <!--  <bean id="campaignService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/CampaignService/remote" />
    </bean> -->
    <bean id="rewardService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/RewardService/remote" />
    </bean>
    <bean id="partnerService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/PartnerService/remote" />
    </bean>

    <bean id="socialService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/SocialService/remote" />
    </bean>
    <bean id="activityService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/ActivityService/remote" />
    </bean>
    <bean id="constantService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/ConstantService/remote" />
    </bean>
    <bean id="regionService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/RegionService/remote" />
    </bean>
    <!-- <bean id="verificationService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName"
            value="m2m/VerificationService/remote" />
    </bean> -->

    <bean id="trophyService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/TrophyService/remote" />
    </bean>

    <bean id="contentService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/ContentService/remote" />
    </bean>

    <bean id="templateService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="m2m/TemplateService/remote" />
    </bean>

    <bean id="partnerUISettingService"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName"  value="m2m/PartnerUISettingService/remote" />
    </bean>


    <bean id="dataSource"
        class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="java:/M2MDS" />
    </bean>

    <!-- Cache -->
    <!-- <bean id="cacheManager" class="net.sf.ehcache.CacheManager" factory-method="getInstance" />  -->
    <bean id="cacheManager"
        class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
        <property name="configLocation" value="classpath:ehcache.xml" />
    </bean>

    <bean id="sessionCache"
        class="org.springframework.cache.ehcache.EhCacheFactoryBean">
        <property name="cacheManager" ref="cacheManager" />
        <property name="cacheName" value="m2msession" />
    </bean>

    <bean id="applicationCache"
        class="org.springframework.cache.ehcache.EhCacheFactoryBean">
        <property name="cacheManager" ref="cacheManager" />
        <property name="cacheName" value="m2mapplication" />
    </bean>

    <bean id="contextCache"
        class="com.sinarotech.m2m.web.cache.EhcacheContextCache">
        <property name="sessionCache" ref="sessionCache" />
        <property name="applicationCache" ref="applicationCache" />
    </bean>

    <!-- Utils -->
    <bean id="contactImporter"
        class="com.sinarotech.m2m.contact.OZContactImporter" />

    <bean id="helperUtils"
        class="com.sinarotech.m2m.web.util.HelperUtils">
        <property name="userService" ref="userService" />
        <property name="constantService" ref="constantService" />
        <property name="rewardService" ref="rewardService" />
    </bean>

    <bean id="pecuniosusManager"
        class="com.sinarotech.m2m.service.PecuniosusManager"
        factory-method="getInstance" />

    <bean id="config" class="com.sinarotech.m2m.util.Configuration"
        factory-method="getInstance" />

    <bean id="tipsFactory"
        class="com.sinarotech.m2m.web.util.TipsFactory">
        <constructor-arg type="java.lang.String" value="tips.drl" />
        <property name="config" ref="config" />
    </bean>

    <bean id="affiliateHandlerFactory"
        class="com.sinarotech.m2m.affiliate.AffiliateHandlerFactory"
        factory-method="getInstance" />

    <bean id="twitterHandler"
        class="com.sinarotech.m2m.twitter.AtomTwitterHandler" />

    <bean id="bankManager"
        class="com.sinarotech.m2m.service.BankManager"
        factory-method="getInstance" />

    <bean id="exchangeManager"
        class="com.sinarotech.m2m.web.util.ExchangeManager">
        <constructor-arg value="exchange.properties" />
        <property name="userService" ref="userService" />
        <property name="contextCache" ref="contextCache" />
    </bean>
 <bean
        class="org.springframework.web.servlet.handler.BeanNameUrlHandlerMapping"/> 
    <bean id="supportProvider"
        class="com.sinarotech.m2m.support.HelpspotSupportProvider" />



<bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter">
        <property name="messageConverters">
            <list>
                                <bean class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter"/>
                <bean class="org.springframework.http.converter.ByteArrayHttpMessageConverter"/>
                <bean class="org.springframework.http.converter.xml.SourceHttpMessageConverter"/>
                <bean class="org.springframework.http.converter.FormHttpMessageConverter"/>
                <bean class="org.springframework.http.converter.StringHttpMessageConverter"/>
            </list>
        </property>

    </bean>
</beans>
</beans>

I am not getting any exceptions in my code. Can someone indicate what is inserted into the configuration part. I am trying to integrate Spring Security Oauth into a Struts application

thank

+4
source share

No one has answered this question yet.

See related questions:

More articles:


All Articles