Spring Boot and OAuth2, WebSecurityConfigurerAdapter vs ResourceServerConfigurerAdapter

Question

Spring Boot and OAuth2, WebSecurityConfigurerAdapter vs ResourceServerConfigurerAdapter

What is the difference between WebSecurityConfigurerAdapter and ResourceServerConfigurerAdapter and which should have higher priority?

I do not see the difference if I am both the owner of the resources and the client. I can configure HttpSecurity in both classes.

EDIT:

What type of helpers should be added to WebSecurityConfigurerAdapter and which in ResourceServerConfigurerAdapter ? In some examples, I found that the WebSecurityConfigurerAdapter matches pages for login, registration, etc. And the ResourceServerConfigurerAdapter for the real resource. Is this the right way to do this?

+7

spring spring-boot spring-security-oauth2

Nikola Lošić Jun 26 '16 at 0:38

source share

1 answer

Ishara samantha · Accepted Answer · 2017-05-23T08:07:17+0000

ResourceServerConfigurerAdapter for setting access rules and paths protected by OAuth2 protection (some additional oauth2 filters are activated).

WebSecurityConfigurerAdapter for Spring Base Security Configuration.

Spring Boot and OAuth2, WebSecurityConfigurerAdapter vs ResourceServerConfigurerAdapter

More articles: