Type: Posts; User: jrod; Keyword(s):
OK, I think I found the answer. My first attempt extended ResourceOwnerPasswordTokenGranter.getOAuth2Authentication(), but I abandoned this after realizing that the chain of TokenGranters is...
Got it, thanks.
Yes, viewing the Dependency Hierarchy of my pom.xml in STS verifies that config-3.1.3.RELEASE is on my classpath (5339).
The following code results in two deprecation messages:
(1) Referenced...
From all the examples I've seen, it looks like the typical scenario in password flow is to always issue a token to an authenticated user and let subsequent requests to protected resources dictate...
I upgraded to:
Spring 3.1.1.RELEASE
Spring Security 3.1.3.RELEASE
Spring Security OAuth 1.0.0.RELEASE
and I still receive the deprecated warnings. Why could that be?
Similar to the original post in this thread, how can I configure <ldap-authentication-provider> to load my custom authorities mapper?
Basically, given THIS:...
So after spending some time looking through the classes and their respective unit tests, I think MapBasedAttributes2GrantedAuthoritiesMapper would best fit my use case of mapping LDAP groups to...
I'm trying to fit Spring Security onto our LDAP environment with pre-existing users/groups for a typical role-based scenario. I cannot change the naming scheme for these users/groups. Also, in...
Did you wind up opening a JIRA issue for this? If so, could you provide the link? I think this would be a great addition.
Per section 10.5 (Authorization Codes) of the OAuth2 spec:
In debugging the sparklr-tonr example, it's apparent that the code is stored in-memory when the resource owner grants authorization...
Ah ok, I see what you're suggesting. That would work as a POC, but, as you state, not in an enterprise context. Any recommendations on a good OAuth2 framework for iOS?
Not sure if it matters, but I believe the filter definition should be placed before the servlet definition.
OK, so what's the preferred way for password grants?
My apologies in advance, but I'm not sure why this would be the case. Going back slightly, if I understand the spec correctly, the auth code and implicit flows are nearly identical up to the point...
Using a similar setup to my implicit flow forum post, I encounter the following error with "password" flow:
error="access_denied", error_description="Unable to obtain a new access token for...
Yes, that is my reasoning. I've created SECOAUTH-331 to track this issue.
Similar to how sparklr does it, i.e., form-based auth, per the implicit flow example in tonr2/demo.html
Good...
Got it. On reviewing my implementation of the authentication code flow, I see that indeed it is the OAuth2RestTemplate which suggests the redirect to the user agent upon receiving a 401 from the...
I've implemented a rudimentary resource server, auth server, and client inspired by the sparklr/tonr examples, but with separate auth server and resource server implementations. I'm trying to...
OK thanks. I've opened SECOAUTH-318 to track this issue.
Understood. I don't have an opinion either on which database is best; I'm just looking for a solution to the clustering problem. That being said, I'll try my hand at a JDBC-based approach and see...
After doing the OAuth dance in tonr/sparklr with "marissa", I try to access the admin endpoints (using Chrome/Simple REST Client) by passing her access token, like so:
GET...
Ok, I get it. I realize that I'm overthinking this problem. Thanks for your help!
I don't think I understand. If SessionAttributeStore is the way to go, how else might I achieve the goal of storing state between the initial auth request and the code or token grant in a clustered...
Thinking about it some more, I see how this error would occur. The auth and resource servers run in different JVMs and have no way to exchange token store metadata with in-memory implementations. ...
I've implemented a rudimentary resource server, auth server, and client inspired by the sparklr/tonr examples, but with separate auth server and resource server implementations.
After approving...