Spring Security OAuth 1.0.0.RC2 released

**Dave Syer** · Oct 8th, 2012, 04:21 AM

Originally Posted by OhadR

2. In addition, under "client" bean (in the client-side) there is no "resource-details-service-ref" anymore.

That service wasn't really adding much value. I think the provider-specific features of the filter were extracted out into the OAuth2RestTemplate (and friends).

thanks again (PS I'd love to help and update the docs once I have a working project)

That's brilliant. Please use the contributor's agreement form (link in README).

**OhadR** · Oct 8th, 2012, 05:34 AM

thanks.

what about the "client"? i guess that the XSD has changed... under "client" bean (in the client-side) there is no "resource-details-service-ref" anymore, yet in the docs I can still see

The client element is used to configure the OAuth 2.0 client mechanism. The following attributes can be applied to the client element:

token-services-ref: The reference to the bean that stores tokens on behalf of a user. Default value is an instance of InMemoryOAuth2ClientTokenServices.
resource-details-service-ref: The reference to the bean that services the known resource details.

what comes instead? redirect-strategy-ref is necessary? how do I bind the "resource" (oauth:resource in the XML) to the "client" (oauth:client)?

thanks again (PS I'd love to help and update the docs once I have a working project)

**Dave Syer** · Oct 8th, 2012, 06:24 AM

Why would you need to bind a resource to the client filter?

The XSD is the source of truth, not the wiki (but please feel free to update it). The only attribute in <oauth:client/> is redirect-strategy-ref and the XSD inline docs clearly say that it is optional with a default. Just look at tonr2 for a template.

**OhadR** · Oct 8th, 2012, 06:43 AM

Originally Posted by Dave Syer

Why would you need to bind a resource to the client filter?

The XSD is the source of truth, not the wiki (but please feel free to update it). The only attribute in <oauth:client/> is redirect-strategy-ref and the XSD inline docs clearly say that it is optional with a default. Just look at tonr2 for a template.

I'm asking, because in 1.0.0.M6 the client held map of the "resources". there was a property named "resource-details-service-ref" (it even shown in the "old" docs...). So in RC2a there is no need in this binding?

I've updated the wiki ...

**Dave Syer** · Oct 8th, 2012, 06:53 AM

Originally Posted by OhadR

So in RC2a there is no need in this binding?

I guess not. Like I said, it wasn't adding any value.

I've updated the wiki ...

Excellent, thanks!

**mmeadow5** · Oct 10th, 2012, 11:50 AM

What's the most stable pre-release version at this point? The home page maven artifact refers to 1.0.0.M4
http://www.springsource.org/spring-security-oauth#maven

**OhadR** · Oct 10th, 2012, 12:03 PM

Originally Posted by mmeadow5

What's the most stable pre-release version at this point? The home page maven artifact refers to 1.0.0.M4
http://www.springsource.org/spring-security-oauth#maven

M4 is an old milestone.
last one is 1.0.0.RC2a (release candidate)

Thread: Spring Security OAuth 1.0.0.RC2 released

Thread Tools

Display

Posting Permissions