Search:

Hey thanks very much. Section 5.2 of the spec does state invalid_grant includes refresh_token has expired so the 400 behaviour is correct. Thanks for pointing me in the right direction.

Hi all,

We noticed that when attempting to refresh an access token with an expired refresh token using /authorize, HTTP Status Code 400 is being returned. This is from the following code:

...

Hi,

I'm puzzled by the change in oauth Authorization header name between M2 and M3 versions of code. In OAuth2ProtectedResourceFilter previously it was "oauth " now changed to "oauth2 ". I'm a...

Hi,

I'm trying to override the behaviour of OAuth2AuthorizationFilter. There are a couple of posts on this subject. One post implies it's not trivial to override. The other I've tried by declaring...

I tested it. It works great. Thanks.

Ok, I think I've answered my own question:-)

just remove auto-config='true' from <http

Anyone see any issues with that?

Hi,

I'm interested in disabling the BasicAuthenticationFilter from the filter chain. Is there a simple way to do this without having to declare the complete chain from scratch.

Thanks in...

Hi, I've only recently revisited this issue. The updated spec has new terminology called Grant Type and we are interested in Resource Owner Password Credentials support. I've got this working by...

Hi,

I'm trying to configure the password resource type on the tonr tutorial:

<oauth:resource id="sparklr" type="password" clientId="tonr"
...

I've just had a similar problem building sparklr2 but fixed it by pasting repository and dependency extracted into pom.xml:
http://forum.springsource.org/showthread.php?t=97987