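oauth2-shiro is designed as separate modules, with authz and resources implemented as different sub-projects. In practice the two sometimes have to be combined into a single project; for that scenario, security is configured as follows:
1. In the security configuration, use the OAuth2CredentialsMatcher class in place of the HashedCredentialsMatcher configured in the authz module and the SimpleCredentialsMatcher configured in the resources module; for the specific configuration, see the comments in the OAuth2CredentialsMatcher.java class.
2. In the ShiroFilterFactoryBean configuration, add the following to the value of filterChainDefinitions: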
/oauth/** = anon
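(Also make sure the URL patterns do not contain duplicates after the merge.)
Note that the OAuth2JdbcRealm in the screenshot is used only by the resources module and cannot be used after the merge; use its parent class MkkJdbcRealm instead.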
http://git.oschina.net/mkk/oauth2-shiro
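An added sketch, not code from the oauth2-shiro project, of why a merged deployment needs a single matcher in place of the two per-module ones: the one realm now receives both login tokens and OAuth2 access tokens, and each kind needs a different comparison. The class name `TokenTypeDispatchingMatcher`, the `hashAlgorithm` parameter and the dispatch rule are assumptions for illustration; the project's real OAuth2CredentialsMatcher may be built differently, so follow the comments in its source for the actual configuration.

```java
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;

/**
 * Hypothetical illustration only, NOT the project's OAuth2CredentialsMatcher.
 * Chooses the comparison strategy from the type of the submitted token.
 */
public class TokenTypeDispatchingMatcher implements CredentialsMatcher {

    // authz side: form login, submitted password is hashed and compared
    // with the stored hash
    private final CredentialsMatcher loginMatcher;

    // resources side: the presented token value is compared directly
    // with the stored one
    private final CredentialsMatcher tokenMatcher;

    /**
     * @param hashAlgorithm algorithm name the stored passwords were hashed
     *                      with (assumed to come from the existing authz
     *                      HashedCredentialsMatcher settings)
     */
    public TokenTypeDispatchingMatcher(String hashAlgorithm) {
        this.loginMatcher = new HashedCredentialsMatcher(hashAlgorithm);
        this.tokenMatcher = new SimpleCredentialsMatcher();
    }

    @Override
    public boolean doCredentialsMatch(AuthenticationToken token,
                                      AuthenticationInfo info) {
        // Fail closed when either side is missing.
        if (token == null || info == null) {
            return false;
        }
        if (token instanceof UsernamePasswordToken) {
            return loginMatcher.doCredentialsMatch(token, info);
        }
        // Assumption: every other token type reaching this realm is the
        // OAuth2 access token used by the resources endpoints.
        return tokenMatcher.doCredentialsMatch(token, info);
    }
}
```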
A question: I merged the two projects following this method, and at oauth_login it reports org.apache.shiro.authc.pam.UnsupportedTokenException: Realm [com.monkeyk.os.oauth.shiro.OAuth2JdbcRealm@1bb517c] does not support authentication token [org.apache.shiro.authc.UsernamePasswordToken – test, rememberMe=false]. Please ensure that the appropriate Realm implementation is configured correctly or that the realm accepts AuthenticationTokens of this type.
org.apache.shiro.authc.pam.UnsupportedTokenException: Realm [com.monkeyk.os.oauth.shiro.OAuth2JdbcRealm@1bb517c] does not support authentication token [org.apache.shiro.authc.UsernamePasswordToken – test, rememberMe=false]. Please ensure that the appropriate Realm implementation is configured correctly or that the realm accepts AuthenticationTokens of this type.
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:178)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
at com.monkeyk.os.oauth.authorize.AbstractAuthorizeHandler.submitLogin(AbstractAuthorizeHandler.java:150)
at com.monkeyk.os.oauth.authorize.AbstractAuthorizeHandler.handle(AbstractAuthorizeHandler.java:196)
at com.monkeyk.os.web.controller.OauthAuthorizeController.authorize(OauthAuthorizeController.java:58)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
But when I use MkkJdbcRealm there is no problem... Have I configured something wrong somewhere?
org.apache.shiro.authc.pam.UnsupportedTokenException: Realm [com.monkeyk.os.oauth.shiro.OAuth2JdbcRealm@1bb517c] does not support authentication token [org.apache.shiro.authc.UsernamePasswordToken – test, rememberMe=false]. Please ensure that the appropriate Realm implementation is configured correctly or that the realm accepts AuthenticationTokens of this type.
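// Token is not an OAuth2Token: delegate to the parent class's doGetAuthenticationInfo
if (!(token instanceof OAuth2Token)) {
    return super.doGetAuthenticationInfo(token);
}
For more detailed configuration, see the article https://andaily.com/blog/?p=712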