java如何在Spring OAuth+引导中捕获无效的_客户端
我可以将一些事件发布到事件发布者,例如成功的客户端身份验证和成功/失败的用户身份验证。 但当客户端凭据错误时,不会发布任何事件
以下是日志:
DEBUG::org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter::doFilter::Request is to process authentication
DEBUG::...ClientCredentialsTokenEndpointFilter::unsuccessfulAuthentication::Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Bad credentials
DEBUG::...ClientCredentialsTokenEndpointFilter::unsuccessfulAuthentication::Updated SecurityContextHolder to contain null Authentication
DEBUG::...ClientCredentialsTokenEndpointFilter::unsuccessfulAuthentication::Delegating to authentication failure handler org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter$1@734b2ca6
DEBUG::org.springframework.security.oauth2.provider.error.DefaultOAuth2ExceptionRenderer::writeWithMessageConverters::Written [error="invalid_client", error_description="Bad client credentials"] as "application/json" using [org.springframework.http.converter.json.MappingJackson2HttpMessageConverter@37536106]
在spring-security-oauth2的2.0.8-RELEASE中,似乎没有办法在ClientCredentialsTokenEndpointFilter中设置自定义故障处理程序(通过AuthorizationServerConfigurerAdapter)
此外,添加拦截器似乎并没有奏效
或者我只是做错了
有人有幸用Spring Boot+OAuth2捕捉到所有身份验证事件吗
共 (0) 个答案