I'm trying to implement an oAuth provider. I included filed from sparklr to my project which uses Spring MVC3.1 and Spring Security3.1. I then use tonr to access the service. Here's what happend:
1. I login to Tonr
2. I clicked on "View my Sparklr photos" and I get directed to the signin page of my project
3. I entered username and password and submit to "j_spring_security_check"
4. I get redirect to the home page of my project
the "/oauth/confirm_access" is not even called. It seems spring security doesn't know the request was from an oAuth client. Now, if I click back and click on "View my Sparklr photos" from Tonr's site, I then get directed to access_confirmation.jsp page and everything goes find now.
Basically the user has to click on "View my Sparklr photos" two times. the 1st time is to login to my project. the 2nd time is for oAuth authorization. The problem is obviously from step3 the first time user clicked on "View my Sparklr photos"
here's my configuration:
<oauth:consumer name="Tonr.com" key="tonr-consumer-key"
secret="SHHHHH!!!!!!!!!!" resourceName="Your Photos"
resourceDescription="Your photos that you have uploaded to sparklr.com." />
<oauth:token-services id="tokenServices" />