5
Ho un'applicazione RESTful basata su OAuth2 Spring Security. Ho cercato di cambiare i formati di messaggistica predefiniti di Spring Security da XML a JSON e ho avuto un parziale successo nel farlo.Spring Security OAuth2 Modifica formato risposta errore JSON
Per esempio - ho capito come cambiare il formato di risposta quando la richiesta non contiene portatore di token (seguente riga fa)
<bean id="oauthAuthenticationEntryPoint" class ="c.s.m.security.CustomAuthenticationEntryPoint" />
Ma io non sono in grado di capire come prendere/cambio il formato dei seguenti due articoli.
Quando un token non valido viene passato nell'URL protetto, Spring Security al momento torna indietro. Dove cambio questo formato?
{"error": "invalid_token","error_description": "Invalid access token: 144285e3-9563-420e-8ce"}Come faccio a cambiare il formato JSON BadCredentialsException? Attualmente restituisce un JSON simile al precedente?
Qui di seguito è il mio applicationContext.xml
<sec:http pattern="/oauth/token" create-session="stateless"
use-expressions="true" authentication-manager-ref="authenticationManager">
<sec:csrf disabled="true" />
<sec:anonymous enabled="false" />
<sec:http-basic entry-point-ref="clientAuthenticationEntryPoint" />
<sec:custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER" />
<sec:access-denied-handler ref="oauthAccessDeniedHandler" />
</sec:http>
<sec:authentication-manager alias="authenticationManager"
erase-credentials="false">
<sec:authentication-provider user-service-ref="clientDetailsUserService" />
</sec:authentication-manager>
<bean id="clientDetailsUserService" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
<constructor-arg ref="clientDetails" />
</bean>
<!-- Entry point - Entry point Filter for token server -->
<bean id="clientAuthenticationEntryPoint" class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
<property name="realmName" value="Oauth 2 security" />
<property name="typeName" value="Basic" />
</bean>
<bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
<property name="authenticationManager" ref="authenticationManager" />
</bean>
<!-- Oauth handler Access Denied Handler -->
<bean id="oauthAccessDeniedHandler" class="c.s.m.security.CustomAccessDeniedHandler" />
<!-- class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" /> -->
<!-- Server resource -->
<sec:http pattern="/api/**" create-session="never"
entry-point-ref="oauthAuthenticationEntryPoint" use-expressions="true" >
<sec:csrf disabled="true" />
<sec:anonymous enabled="false" />
<sec:intercept-url pattern="/api/**" access="hasRole('ROLE_ADMIN')" />
<sec:custom-filter ref="resourceServerFilter"
before="PRE_AUTH_FILTER" />
<sec:access-denied-handler ref="oauthAccessDeniedHandler" />
</sec:http>
<!-- Entry point resource -->
<bean id="oauthAuthenticationEntryPoint" class ="c.s.m.security.CustomAuthenticationEntryPoint" />
<oauth:resource-server id="resourceServerFilter" resource-id="springsec" token-services-ref="tokenServices" />
<bean id="tokenServices"
class="org.springframework.security.oauth2.provider.token.DefaultTokenServices" >
<property name="tokenStore" ref="tokenStore" />
<property name="supportRefreshToken" value="true" />
<property name="accessTokenValiditySeconds" value="300000" />
<property name="clientDetailsService" ref="clientDetails" />
</bean>
<bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.JdbcTokenStore">
<constructor-arg ref="dataSource" />
</bean>
<oauth:authorization-server client-details-service-ref="clientDetails" token-services-ref="tokenServices">
<oauth:authorization-code />
<oauth:implicit />
<oauth:refresh-token />
<oauth:client-credentials />
<oauth:password authentication-manager-ref="userAuthenticationManager" />
</oauth:authorization-server>
<sec:authentication-manager id="userAuthenticationManager">
<sec:authentication-provider ref="customUserDetailsService" />
</sec:authentication-manager>