小编cha*_*ean的帖子

我尝试基于官方教程Sparklr2/Tonr2实现我自己的示例.一切看起来不错,但是当我从删除web.xml我的Tonr2实施,春季安全过滤器我有例外:

没有为当前请求建立重定向URI

我无法理解我应该使用哪个URL.这是我的代码,用于客户端实现:

<!--apply the oauth client context -->
<oauth:client id="oauth2ClientFilter" />

<!--define an oauth 2 resource for sparklr -->
<oauth:resource id="provider" type="authorization_code" client-id="client" client-secret="secret" 
    access-token-uri="http://localhost:8080/provider/oauth/token" user-authorization-uri="http://localhost:8080/provider/oauth/authorize" scope="read,write" />

<beans:bean id="clientController" class="com.aouth.client.ClientController">
    <beans:property name="trustedClientRestTemplate">
        <oauth:rest-template resource="provider" />
    </beans:property>
</beans:bean>

对于提供者:

<http pattern="/oauth/token" create-session="stateless" authentication-manager-ref="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
    <intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
    <anonymous enabled="false" />
    <http-basic />
</http>

<authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
    <authentication-provider user-service-ref="clientDetailsUserService" />
</authentication-manager>

<bean id="clientDetailsUserService" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
    <constructor-arg ref="clientDetails" />
</bean>

<!-- The OAuth2 protected resources …

我想将Spring Social facebook与Spring Security集成到我的应用程序中(我使用xml配置).我需要的只是将Facebook帐户与我的应用程序的帐户连接.在简单的例子中我发现了这个:

<bean id="connectionRepository" factory-method="createConnectionRepository" 
      factory-bean="usersConnectionRepository" scope="request">
    <constructor-arg value="#{request.userPrincipal.name}" />
    <aop:scoped-proxy proxy-target-class="false" />
</bean>

所以,据我所知,这种方法发挥作用:

public ConnectionRepository createConnectionRepository(String userId) {
        if (userId == null) {
            throw new IllegalArgumentException("userId cannot be null");
        }
        return new JdbcConnectionRepository(userId, jdbcTemplate, connectionFactoryLocator, textEncryptor, tablePrefix);
    }

它userId从" #{request.userPrincipal.name}."中复活.所以,我的问题是:userId如果我想获得这个" userId" ,我怎么能把" " 传递给这个方法SecurityContextHolder.getContext().getAuthentication().getPrincipal().

我看到的唯一方法是创建我的实现JdbcUsersConnectionRepository和重新定义createConnectionRepository(String userId)方法.但也许有更优雅的解决方案.