spring POST 请求“访问此资源需要完全身份验证”
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/42181318/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
POST request "Full authentication is required to access this resource"
提问by 0x539
Does anybody encountered the error "Full authentication is required to access this resource" trying to authenticate by using POST request oauth/token?
是否有人在尝试使用 POST 请求 oauth/token 进行身份验证时遇到错误“访问此资源需要完全身份验证”?
Curl command:
卷曲命令:
curl localhost:85/oauth/token -d grant_type=password -d client_id=web_app -d username=reader -d password=reader
Response:
回复:
{"timestamp":1486841819620,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource","path":"/oauth/token"}
ResourceServerConfiguration configure
ResourceServerConfiguration 配置
http .csrf().disable() .authorizeRequests() .antMatchers("/**").authenticated() .antMatchers(HttpMethod.GET, "/me").hasAuthority("FOO_READ")
WebSecurityConfig configure
WebSecurityConfig 配置
http .csrf().disable() .exceptionHandling() .authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED))
Thanks!
谢谢!
回答by Dejazmach
This error message is from your own back end server. It is a spring framework error. If you check this with 2 providers, you can see that the error message is the same for both. The source of the problem, in my case, was my wrong mapping as a call back url. I configured my server to permit all requests that hit the endpoint localhost:8080/oauth2/callback/**to pass without authentication while the callback coming from the providers was configured as localhost:8080/login/oauth2/**. I did this mistake following thistutorial. For any reason, if there is a mismatch between these configurations, you will get the error.
此错误消息来自您自己的后端服务器。这是一个弹簧框架错误。如果您与 2 个提供程序进行检查,您可以看到两者的错误消息是相同的。就我而言,问题的根源在于我将错误映射为回调 url。我将服务器配置为允许所有到达端点的请求localhost:8080/oauth2/callback/**无需身份验证即可通过,而来自提供程序的回调被配置为localhost:8080/login/oauth2/**. 我按照本教程犯了这个错误。无论出于何种原因,如果这些配置之间存在不匹配,您都会收到错误消息。
