oauth provider filter

[sabari]

Friends, i want to implement oauth authentication provider for consumer. i already have web application with spring security. have to integrate oauth to that web app. spring security i did't used namespace, i used filter chain proxy. Can you suggest how can configure oauth provider for consumer.(oauth provider for filter chain proxy)

[Dave Syer]

Authentication against an OAuth provider is a function of the provider since there is no commonly adopted standard for serving or encoding user details. Who is your provider? Have you looked at Spring Social Security (they have support for loads of common providers)? Or did you want to do something custom or generic using Spring OAuth? OAUth2 or OAuth 1?

[sabari]

Authentication against an OAuth provider is a function of the provider since there is no commonly adopted standard for serving or encoding user details. Who is your provider? Have you looked at Spring Social Security (they have support for loads of common providers)? Or did you want to do something custom or generic using Spring OAuth? OAUth2 or OAuth 1?

Thanks for reply. i want to implement provider (oauth2) only not consumer.

[Dave Syer]

I'm confused. You want to implement a Spring AuthenticationProvider for a consumer, or an OAuth provider (resource server or authorization server in OAuth2 terms)? The former is supplied by Spring Social Security (and it is easy to build with Spring OAuth if you want something customized), and the latter is supplied by Spring OAuth (resource server is a single filter, so easy to install in a custom configuration, and the auth server is an MVC controller). You need to be a bit more specific about what you need and what you already have.

[sabari]

I'm confused. You want to implement a Spring AuthenticationProvider for a consumer, or an OAuth provider (resource server or authorization server in OAuth2 terms)? The former is supplied by Spring Social Security (and it is easy to build with Spring OAuth if you want something customized), and the latter is supplied by Spring OAuth (resource server is a single filter, so easy to install in a custom configuration, and the auth server is an MVC controller). You need to be a bit more specific about what you need and what you already have.

dear Dave,
i have web apllication with spring mvc and spring security(here im not using name space,instead of that im using filter chain proxy).Now i want to implement oauth provider only authentication.for configure in spring security namespace i have example. my problem is how to configure in filterchainproxy?

[Dave Syer]

I don't think we are making progress here, so sorry if it's my fault. Maybe you can explain a bit more what you have and what you need, or what you didn't understand about my previous answers, and maybe also why you don't want to use the Security namespace. What I think you are saying now is that you have an app with a web UI and you want to add some machine endpoints and protect them with OAuth2 (i.e. you want it to be a resource server). In that case you need an <oauth:resource-server/>, which creates a filter that you can add to a filter chain for your machine endpoints.