Browse Source

Testing SECOAUTH authorization server

pull/59/head
Amanda Anganes 13 years ago
parent
commit
fc00872800
  1. 18
      server/src/main/webapp/WEB-INF/spring/application-context.xml
  2. 25
      server/src/main/webapp/WEB-INF/spring/security-context.xml

18
server/src/main/webapp/WEB-INF/spring/application-context.xml

@ -27,25 +27,7 @@
<property name="showSql" value="true" /> <property name="showSql" value="true" />
</bean> </bean>
<!-- Authorization Code Service, used by TokenGranter -->
<bean id="jdbcAuthCodeServices" class="org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices">
<constructor-arg>
<bean class="org.apache.commons.dbcp.BasicDataSource"/>
</constructor-arg>
</bean>
<bean id="clientCredentialsChecker" class="org.springframework.security.oauth2.provider.ClientCredentialsChecker">
<constructor-arg>
<bean class="org.mitre.oauth2.service.impl.DefaultOAuth2ClientDetailsEntityService"/>
</constructor-arg>
</bean>
<!-- SECOAUTH Authorization Server, with our custom token granter plugged in -->
<oauth:authorization-server client-details-service-ref="defaultOAuth2ClientDetailsEntityService"
token-services-ref="defaultOAuth2ProviderTokenService" token-granter-ref="connectAuthCodeTokenGranter"
authorization-endpoint-url="/openidconnect/auth*">
<!-- <oauth:authorization-code disabled="true"/> -->
</oauth:authorization-server>
<!-- Map our custom exception classes to named views --> <!-- Map our custom exception classes to named views -->
<bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver"> <bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">

25
server/src/main/webapp/WEB-INF/spring/security-context.xml

@ -10,11 +10,32 @@
<security:global-method-security pre-post-annotations="enabled" proxy-target-class="true"/> <security:global-method-security pre-post-annotations="enabled" proxy-target-class="true"/>
<security:http use-expressions="true"> <security:http use-expressions="true" auto-config="true">
<!-- <security:intercept-url pattern="/oauth/user/**" access="hasRole('ROLE_USER')"/> --> <!-- <security:intercept-url pattern="/oauth/user/**" access="hasRole('ROLE_USER')"/> -->
<security:openid-login login-page="/j_spring_openid_security_check?openid_identifier=OPENID_IDENTIFIER" /> <security:intercept-url pattern="/*" access="permitAll"/>
</security:http> </security:http>
<!-- Authorization Code Service, used by TokenGranter -->
<bean id="jdbcAuthCodeServices" class="org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices">
<constructor-arg>
<bean class="org.apache.commons.dbcp.BasicDataSource"/>
</constructor-arg>
</bean>
<bean id="clientCredentialsChecker" class="org.springframework.security.oauth2.provider.ClientCredentialsChecker">
<constructor-arg>
<bean class="org.mitre.oauth2.service.impl.DefaultOAuth2ClientDetailsEntityService"/>
</constructor-arg>
</bean>
<!-- SECOAUTH Authorization Server, with our custom token granter plugged in -->
<oauth2:authorization-server client-details-service-ref="defaultOAuth2ClientDetailsEntityService"
token-services-ref="defaultOAuth2ProviderTokenService" token-granter-ref="connectAuthCodeTokenGranter"
authorization-endpoint-url="/openidconnect/auth*">
<oauth2:authorization-code />
</oauth2:authorization-server>
<security:authentication-manager> <security:authentication-manager>
<security:authentication-provider> <security:authentication-provider>
<security:user-service id="userDetailsService"> <security:user-service id="userDetailsService">

Loading…
Cancel
Save