原文:http://www.5180it.com/bbs/admin/1/540.html
oauth2页面问题
我在本地上运行是没问题,发布上linux环境就出现下面情况
javax.servlet.ServletException: Cannot expose bind macro helper 'springMacroRequestContext' because of an existing model object of the same name
at org.springframework.web.servlet.view.AbstractTemplateView.renderMergedOutputModel(AbstractTemplateView.java:156) ~[spring-webmvc-4.3.25.RELEASE.jar!/:4.3.25.RELEASE]
at org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:304) ~[spring-webmvc-4.3.25.RELEASE.jar!/:4.3.25.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1286) ~[spring-webmvc-4.3.25.RELEASE.jar!/:4.3.25.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1041) ~[spring-webmvc-4.3.25.RELEASE.jar!/:4.3.25.RELEASE]
解决办法 添加 spring.freemarker.expose-spring-macro-helpers=true
spring.thymeleaf.prefix=classpath:/templates/
spring.thymeleaf.cache=false
spring.thymeleaf.suffix=.html
spring.freemarker.expose-spring-macro-helpers=true
另外我发现本地环境在自定义授权页面 /oauthGrant 在 templates 路径下也有oauthGrant.html 页面
但发布上linux服务器确说页面不存在,觉得非常奇怪 , 所以将
return "/oauthGrant"; 改成 return "oauthGrant";
就可以了
获取token接口/oauth/token 接口问题
在本地能访问当发布上linux就返回401如下
<!doctype html>
<html lang="en-US">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>401 - 对不起,您没有访问权限</title>
<link href="/css/500.css" rel="stylesheet">
</head>
<body>
<div id="wrapper">
<a class="logo" href="#"></a>
<div id="main">
<div id="header">
<h1><span class="icon">!</span>401<span class="sub">权限错误</span></h1>
</div>
<div id="content">
<h2>对不起!您没有访问权限</h2>
</div>
</div>
</div>
</html>
我的header也是传了Authorization,网上说加上 allowFormAuthenticationForClients,但还是不行
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security
.tokenKeyAccess("permitAll()")
.checkTokenAccess("permitAll()")
.allowFormAuthenticationForClients()
.passwordEncoder(passwordEncoder());
}
找了好久报着尝试心态,加了passwordEncoder(passwordEncoder()); 居然可以了这不清楚为啥本地可以,但linux要加上这个密码加密的
oauth2服务器nginx配置问题 ,发现打开的页面跳转都没了端口,我这里是https的
这里直接给出解决方法
server {
listen 8891 ssl;
server_name 5180it.com;
#ssl on;
root html;
index index.html index.htm;
ssl_certificate cert/5180it.com.pem;
ssl_certificate_key cert/5180it.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://xiaoMiuser;
client_max_body_size 500m;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host:$server_port;
proxy_connect_timeout 30;
proxy_send_timeout 60;
}
}
upstream xiaoMiuser {
server 你的服务器地址; #如172.18.22.123:8080
}
proxy_set_header Host $host:$server_port; #重点重定向会导致oAuth2找不到正确的重定向地址
原文:http://www.5180it.com/bbs/admin/1/540.html
还有一个问题
{
"timestamp": 1618907745055,
"status": 403,
"error": "Forbidden",
"message": "Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN'.",
"path": "/miot-api"
}
服务器发生异常:
org.springframework.security.authentication.InsufficientAuthenticationException: User must be authenticated with Spring Security before authorization can be completed.
o.s.s.o.provider.endpoint.TokenEndpoint : Handling error: NoSuchClientException, No client with requested id: XXX
当前共有 0 条评论