spring-security-rest | 易学教程

How to configure resource id in resource server using oauth2 security

阅读更多关于 How to configure resource id in resource server using oauth2 security

问题 I am trying to create Authorization server and resource server. When tried to get access token from Authorization server its working and getting access token with following details. { "access_token": "5ffbc2d7-2a27-4f08-921f-f7de2410b5f5", "token_type": "bearer", "refresh_token": "d0fb85b3-52e0-45e0-84dc-ed38d55176a6", "expires_in": 599, "scope": "READ", "authorities": [ { "authority": "delete_profile" }, { "authority": "update_profile" }, { "authority": "read_profile" }, { "authority":

Grails REST security - Add user id to token

阅读更多关于 Grails REST security - Add user id to token

问题 I want to add user id field to token returned from /api/login Currently it's: { "username": "user", "roles": [ "ROLE_USER" ], "token_type": "Bearer", "access_token": "eyJhbGciOiJIUzI1NiJ9.2uk2YoHsyd7bqUdtUYN19ef..", "expires_in": 3600, "refresh_token": "eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINH.." } I need: { "id": "1", "username": "user", "roles": [ "ROLE_USER" ], "token_type": "Bearer", "access_token": "eyJhbGciOiJIUzI1NiJ9.2uk2YoHsyd7bqUdtUYN19ef..", "expires_in": 3600, "refresh_token":

class Authority is not a domain class or GORM has not been initialized correctly or has already been shutdown

阅读更多关于 class Authority is not a domain class or GORM has not been initialized correctly or has already been shutdown

问题 I'm working on a grails rest app. The grails version I'm using is 3.3.1. I'm using spring-security-rest for authorization. I've created the following classes using the s2-quickstart command. User Authority UserAuthority The app runs fine but the unit tests for the User class fail with the following error in console. java.lang.IllegalStateException: Either class [hungr.Authority] is not a domain class or GORM has not been initialized correctly or has already been shutdown. Ensure GORM is

Spring Boot 2.0 disable default security

阅读更多关于 Spring Boot 2.0 disable default security

I want to use Spring Security for JWT authentication. But it comes with default authentication. I am trying to disable it, but the old approach of doing this - disabling it through application.properties - is deprecated in 2.0. This is what I tried: @Configuration public class StackWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { http.httpBasic().disable(); // http.authorizeRequests().anyRequest().permitAll(); // Also doesn't work. } } How can I simply disable basic security? UPDATE It might be nice to