LS Timer, 2019-04-19 15:04:18
Java

Two types of authorization. Login, password + OAuth2 in Spring Security. How to do it?

There is a Spring Boot project with authorization: login + password.

class WebSecurityConfig extends WebSecurityConfigurerAdapter
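import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;

@Configuration
@EnableWebSecurity
//@EnableOAuth2Sso
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    // Project-specific UserDetailsService that backs the login + password form
    @Autowired
    private AuthUserService authUserService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http
                .csrf().disable() // CSRF protection is switched off for the whole application
                .authorizeRequests()
                .antMatchers("/admin", "/user", "/new-event", "/dict/**", "/data/**").authenticated() // registered users only
                .antMatchers("/**", "/static/**", "/publish/**").permitAll() // public access
                .anyRequest().authenticated() // registered users only

                .and();

        http.formLogin()
                .loginPage("/login")
                .failureUrl("/login?error")
                .permitAll()
                .and();

        http.logout()
                .permitAll()
                .logoutUrl("/logout")
                .logoutSuccessUrl("/")
                .invalidateHttpSession(true);

    }

    @Override
    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        // NoOpPasswordEncoder compares passwords as plain text (deprecated in Spring Security 5)
        authenticationManagerBuilder.userDetailsService(authUserService)
                .passwordEncoder(NoOpPasswordEncoder.getInstance());
    }
}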


Added authorization settings via Google
OAuth Google

security.oauth2.client.client-id=id
security.oauth2.client.client-secret=secret
security.oauth2.client.client-authentication-scheme=form
security.oauth2.client.scope=openid,email,profile
security.oauth2.client.access-token-uri=https://www.googleapis.com/oauth2/v4/token
security.oauth2.client.user-authorization-uri=https://accounts.google.com/o/oauth2/v2/auth
security.oauth2.resource.user-info-uri=https://www.googleapis.com/oauth2/v3/userinfo
security.oauth2.resource.prefer-token-info=true

If you uncomment @EnableOAuth2Sso in WebSecurityConfig,
authorization via Google OAuth works properly, but login + password authorization does not work.
How to link the two types of authorization through Spring Security?
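
One way to put both logins into a single filter chain, as an added example that is not part of the original post: it assumes Spring Boot 2.x with spring-security-oauth2-autoconfigure, that the Google properties are moved to the hypothetical prefixes `google.client.*` and `google.resource.*`, and that the hypothetical path `/login/google` is registered with Google as the redirect URI. The post's `configure(AuthenticationManagerBuilder)` override is left out for length and stays as it is.

```java
import javax.servlet.Filter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.oauth2.resource.*;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.*;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.*;
import org.springframework.security.oauth2.client.*;
import org.springframework.security.oauth2.client.filter.*;
import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

@Configuration
@EnableWebSecurity
@EnableOAuth2Client // not @EnableOAuth2Sso, whose filter sits on /login by default, the form's own URL
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired private OAuth2ClientContext oauth2ClientContext;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // CSRF stays at its default (enabled): the login form must send _csrf and logout is a POST.
        http.authorizeRequests()
                .antMatchers("/admin", "/user", "/new-event", "/dict/**", "/data/**").authenticated()
                .antMatchers("/**", "/static/**", "/publish/**").permitAll()
            .and().formLogin().loginPage("/login").failureUrl("/login?error").permitAll()
            .and().logout().logoutUrl("/logout").logoutSuccessUrl("/").invalidateHttpSession(true).permitAll()
            .and().addFilterBefore(googleFilter(), BasicAuthenticationFilter.class);
    }

    // OAuth2 login handled on its own path, so POST /login still reaches the form-login filter.
    private Filter googleFilter() {
        OAuth2ClientAuthenticationProcessingFilter filter =
                new OAuth2ClientAuthenticationProcessingFilter("/login/google"); // hypothetical path
        OAuth2RestTemplate template = new OAuth2RestTemplate(googleClient(), oauth2ClientContext);
        UserInfoTokenServices tokens =
                new UserInfoTokenServices(googleResource().getUserInfoUri(), googleClient().getClientId());
        tokens.setRestTemplate(template);
        filter.setRestTemplate(template);
        filter.setTokenServices(tokens);
        return filter;
    }
    @Bean @ConfigurationProperties("google.client") // assumed prefix: client-id, client-secret, URIs, scope
    public AuthorizationCodeResourceDetails googleClient() { return new AuthorizationCodeResourceDetails(); }
    @Bean @ConfigurationProperties("google.resource") // assumed prefix: user-info-uri
    public ResourceServerProperties googleResource() { return new ResourceServerProperties(); }
    @Bean // the redirect-to-provider filter must run before the Spring Security chain
    public FilterRegistrationBean<OAuth2ClientContextFilter> oauth2ClientFilter(OAuth2ClientContextFilter f) {
        FilterRegistrationBean<OAuth2ClientContextFilter> r = new FilterRegistrationBean<>(f);
        r.setOrder(-100); return r;
    }
}
```

The login page then needs a plain link to `/login/google` next to the username and password form.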
