Spring Boot OAuth2, with Tomcat and nginx get error ERR_TOO_MANY_REDIRECTS after authenticate

泄露秘密 提交于 2021-02-10 06:52:37

问题


I have a Spring Boot application, it use OAuth2 authentication from WSO2 Identity Server. When I run the aplication on Spring Tool Suit, it works, so i can sing in and use my web site. But when I run my application on Tomcat(9.0), I try access a page, and redirect to login page, and when i try to sign in, I get the error ERR_TOO_MANY_REDIRECTS

Error Example: When my spring boot app is runing on Tomcat, and I try to access the html page: https://domain/chat/example.html

if the user was not authenticated, redirects to login page WSO2 Identity Server: https://domain/is/authenticationendpoint/login.do

after login, the page redirects to the urls below, and does not redirect to url(https://domain/chat/example.html)

  1. https://domain/is/oauth2/authorize
  2. https://domain/chat/oauth2/authorization/wso2
  3. https://domain/chat/login/oauth2/code/wso2
  4. https://domain/chat/login

These pages return the error ERR_TOO_MANY_REDIRECTS.

A user can authenticate, but the application redirect and go to a loop that causes the error, the loop is between the urls 1,2,3,4.

Tomcat Log

Spring Boot Configurations:

LoginController.java

@Controller
public class LoginController {

    @GetMapping("/oauth-login")
    public String getLoginPage(Model model) {

        return "redirect:/oauth2/authorization/wso2";
    }
}

ConfigSecurity.java

@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)//abilitar seguranca nos metodos
public class ConfigSecurity extends WebSecurityConfigurerAdapter {
    
   protected void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests()
                .antMatchers("/oauth-login")
                .permitAll()
                .anyRequest()
                .authenticated()
                .and()
                .oauth2Login().loginPage("/oauth-login")
                .and()
                .logout().logoutUrl("/applogout");

    }
}

application.properties

server.port=8443

spring.security.oauth2.client.registration.wso2.client-name=WSO2 Identity Server
spring.security.oauth2.client.registration.wso2.client-id=asdasd
spring.security.oauth2.client.registration.wso2.client-secret=asdasd
spring.security.oauth2.client.registration.wso2.redirect-uri=https://domain/chat/login/oauth2/code/wso2
spring.security.oauth2.client.registration.wso2.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.wso2.scope=openid

#Identity Server Properties
spring.security.oauth2.client.provider.wso2.authorization-uri=https://domain/is/oauth2/authorize
spring.security.oauth2.client.provider.wso2.token-uri=https://domain/is/oauth2/token
spring.security.oauth2.client.provider.wso2.user-info-uri=https://domain/is/oauth2/userinfo
spring.security.oauth2.client.provider.wso2.jwk-set-uri=https://domain/is/oauth2/jwks

This is my git: https://github.com/Mingato/Root2

I followed the tutorial: https://medium.com/@piraveenaparalogarajah/secure-your-spring-boot-application-with-wso2-identity-server-8140af8aa30b

When I run a .jar file it works but when I run a .war file on tomcat it does not work.


回答1:


After many researchs, i found my mistake. My Configurations is right, but when i run my Spring boot app on Tomcat, i have to configure my application to run on it, but there are another way, I run my app in the easiest way, I generate the .jat and execute with the command bellow

  java -jar myapp.jar

So I remove the Tomcat Server to deploy my spring boot applications.



来源:https://stackoverflow.com/questions/65796586/spring-boot-oauth2-with-tomcat-and-nginx-get-error-err-too-many-redirects-after

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!