Jun 25th, 2012, 10:25 AM
Hi Dave, I am using spring-security-oauth 1.0.0.M6a.
When I say authenticated, I mean authenticated in spring-security.
I get the error page like Authentication is required...anonymous not allowed.
do you see any easy way of supporting this?
There is spring-security-social http://code.google.com/p/spring-security-social/ developed for this, but seems its not compatible now.
Was it the case that in previous version, there was provision to get the access-token before authentication is formed?
Last edited by pravin_bansod; Jun 25th, 2012 at 04:27 PM.
Jun 26th, 2012, 12:55 AM
Authentication with OAuth2 should be possible. What the original poster was trying to do with password grants may not be (it doesn't seem very sensible to me). I use OAuth2 for authentication and single sign on a lot. E.g. see https://github.com/cloudfoundry/uaa/...entFilter.java (changed link since the original post) - it's not an authentication manager, and it's not really OpenId Connect (yet) either, but it works.
Originally Posted by pravin_bansod
Jun 26th, 2012, 02:55 PM
Thanks Dave. I tried but it didn't work.
It is the same flow from RestTemplate-->OAuth2RestTemplate(createRequst)--> AccessTokenProviderChain and
org.springframework.security.authentication.Insuff icientAuthenticationException: Authentication is required to store an access token (anonymous not allowed)
for which we don't redirect.
Can you please check and let me know if I am missing something obvious?
Jun 26th, 2012, 04:05 PM
Check what, sorry. What did you try? Did you see the sample app at https://github.com/cloudfoundry/uaa/...r/samples/app? It uses the filter I linked to before, so maybe if you look at the Spring Security config for that and pay attention to the filter chain (in particular where the anonymous filter is disabled) you will get some hints.
Jun 26th, 2012, 05:28 PM
Thanks Dave. I will try that.