Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
L
L
LS Timer2019-04-19 15:04:18
Java
LS Timer, 2019-04-19 15:04:18

Two types of authorization. Login, password + oAuth2 in spring security. How to do?

There is a Spring boot project with authorization: login + password.

class WebSecurityConfig extends WebSecurityConfigurerAdapter
@Configuration
@EnableWebSecurity
//@EnableOAuth2Sso
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private AuthUserService authUserService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http
                .csrf().disable()
                .authorizeRequests()
                .antMatchers("/admin", "/user", "/new-event", "/dict/**", "/data/**").authenticated() // только для зарегистрированных
                .antMatchers("/**", "/static/**", "/publish/**").permitAll() // общий доступ
                .anyRequest().authenticated() // только для зарегистрированных

                .and();

        http.formLogin()
                .loginPage("/login")
                .failureUrl("/login?error")
                .permitAll()
                .and();

        http.logout()
                .permitAll()
                .logoutUrl("/logout")
                .logoutSuccessUrl("/")
                .invalidateHttpSession(true);

    }

    @Override
    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.userDetailsService(authUserService)
                .passwordEncoder(NoOpPasswordEncoder.getInstance());
    }
}


Added authorization settings via google
oAuth google

security.oauth2.client.client-id=id
security.oauth2.client.client-secret=secret
security.oauth2.client.client-authentication-scheme=form
security.oauth2.client.scope=openid,email,profile
security.oauth2.client.access-token-uri=https://www.googleapis.com/oauth2/v4/token
security.oauth2.client.user-authorization-uri=https://accounts.google.com/o/oauth2/v2/auth
security.oauth2.resource.user-info-uri=https://www.googleapis.com/oauth2/v3/userinfo
security.oauth2.resource.prefer-token-info=true

If you uncomment @EnableOAuth2Sso from WebSecurityConfig,
authorization via google oAuth works properly, but login + password authorization does not work.
How to link two types of authorization through Spring security?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
D
Dave2016-01-12 19:21:29
How to submit a form through android application? 4Reply
V
Volodar Znatsky2021-08-28 20:33:48
How to create a window with nice rounded corners? 0Reply
D
Dima Zherebko2016-01-12 23:57:35
Is this style of writing code considered normal? 1Reply
H
hHup2018-05-22 09:10:33
File transfer in java? 1Reply
H
Hakito2016-01-14 01:22:22
What is the error when connecting to google API? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question