问题
I have a Spring Boot application, it use OAuth2 authentication from WSO2 Identity Server. When I run the aplication on Spring Tool Suit, it works, so i can sing in and use my web site. But when I run my application on Tomcat(9.0), I try access a page, and redirect to login page, and when i try to sign in, I get the error ERR_TOO_MANY_REDIRECTS
Error Example: When my spring boot app is runing on Tomcat, and I try to access the html page: https://domain/chat/example.html
if the user was not authenticated, redirects to login page WSO2 Identity Server: https://domain/is/authenticationendpoint/login.do
after login, the page redirects to the urls below, and does not redirect to url(https://domain/chat/example.html)
- https://domain/is/oauth2/authorize
- https://domain/chat/oauth2/authorization/wso2
- https://domain/chat/login/oauth2/code/wso2
- https://domain/chat/login
These pages return the error ERR_TOO_MANY_REDIRECTS.
A user can authenticate, but the application redirect and go to a loop that causes the error, the loop is between the urls 1,2,3,4.
Tomcat Log
Spring Boot Configurations:
LoginController.java
@Controller
public class LoginController {
@GetMapping("/oauth-login")
public String getLoginPage(Model model) {
return "redirect:/oauth2/authorization/wso2";
}
}
ConfigSecurity.java
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)//abilitar seguranca nos metodos
public class ConfigSecurity extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/oauth-login")
.permitAll()
.anyRequest()
.authenticated()
.and()
.oauth2Login().loginPage("/oauth-login")
.and()
.logout().logoutUrl("/applogout");
}
}
application.properties
server.port=8443
spring.security.oauth2.client.registration.wso2.client-name=WSO2 Identity Server
spring.security.oauth2.client.registration.wso2.client-id=asdasd
spring.security.oauth2.client.registration.wso2.client-secret=asdasd
spring.security.oauth2.client.registration.wso2.redirect-uri=https://domain/chat/login/oauth2/code/wso2
spring.security.oauth2.client.registration.wso2.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.wso2.scope=openid
#Identity Server Properties
spring.security.oauth2.client.provider.wso2.authorization-uri=https://domain/is/oauth2/authorize
spring.security.oauth2.client.provider.wso2.token-uri=https://domain/is/oauth2/token
spring.security.oauth2.client.provider.wso2.user-info-uri=https://domain/is/oauth2/userinfo
spring.security.oauth2.client.provider.wso2.jwk-set-uri=https://domain/is/oauth2/jwks
This is my git: https://github.com/Mingato/Root2
I followed the tutorial: https://medium.com/@piraveenaparalogarajah/secure-your-spring-boot-application-with-wso2-identity-server-8140af8aa30b
When I run a .jar file it works but when I run a .war file on tomcat it does not work.
回答1:
After many researchs, i found my mistake. My Configurations is right, but when i run my Spring boot app on Tomcat, i have to configure my application to run on it, but there are another way, I run my app in the easiest way, I generate the .jat and execute with the command bellow
java -jar myapp.jar
So I remove the Tomcat Server to deploy my spring boot applications.
来源:https://stackoverflow.com/questions/65796586/spring-boot-oauth2-with-tomcat-and-nginx-get-error-err-too-many-redirects-after