如何解决来自客户端的Spring Security令牌自省
我想通过配置Spring Security在给定URI上检查令牌来验证API中收到的令牌。基于我在互联网上看到的内容。我添加了
spring.security.oauth2.resourceserver.jwt.issuer-uri=https://url/protocol/openid-connect/token/introspect
到我的application.properties
我还添加了.oauth2ResourceServer()。jwt();到我的Spring配置,看起来像
http
.csrf().disable().cors()
.and()
.antMatcher("/api/project/**")
.authorizeRequests()
.antMatchers("/api/project/projectIds","/api/project/**/involvement").permitAll()
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.oauth2ResourceServer().jwt();
当我尝试部署我的应用程序时,出现以下错误:
Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is org.springfra
mework.beans.factory.BeanCreationException: Error creating bean with name 'jwtDecoderByIssuerUri' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OA
uth2ResourceServerJwtConfiguration$JwtDecoderConfiguration.class]: Bean instantiation via factory method Failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instant
iate [org.springframework.security.oauth2.jwt.JwtDecoder]: Factory method 'jwtDecoderByIssuerUri' threw exception; nested exception is java.lang.IllegalArgumentException: Unable to resolve the Configurati
on with the provided Issuer of "https://url/protocol/openid-connect/token/introspect"
我在做什么错了?
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。