401 full authentication is required to access this resource

**eddyphan** · 28/01/2020, 16h22

Salut,
je n'arrive pas à me connecter à mon application. je reçois un message 401 full authentication is required to access this resource à chaque essaie.

Voici mes ressources :

Application Properties :

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
security.oauth2.resource.id: ed
 
server:
  ssl:
    key-store-type: PKCS12
    key-store: classpath:server.p12
    key-store-password: ed19
    key-alias: edpi
    port: 8443
    key-password: edasta19
 
  security:
    require-ssl=true:
 
 
 
spring:
 
  datasource:
    platform: mysql
    url: jdbc:mysql://localhost:3306/edas19?serverTimezone=UTC&useLegacyDatetimeCode=false
    username: root
    password:  '#L8#'
    tomcat:
      test-while-idle: true
      validation-query: SELECT 1
    initialization-mode: never
    sql-script-encoding: UTF-8
  jpa:
    show-sql: true
    generate-ddl: true
    open-in-view: false
    hibernate.ddl-auto: update
    properties:
      hibernate:
        dialect: org.hibernate.dialect.MySQL5Dialect
  jackson:
    mapper:
      default_view_inclusion: true
    serialization:
      indent_output: true
      write_dates_as_timestamps: false
    deserialization:
      fail_on_ignored_properties: false
      fail_on_unknown_properties: false
      accept_single_value_as_array: true
    default-property-inclusion: non_empty
    date-format: com.fasterxml.jackson.databind.util.ISO8601DateFormat #joda-date-time-format: yyyy-MM-dd HH:mm:ss
  mail:
    host: smtp.gmail.com
    port: 587
    username: edd@gmail.com
    password: '#l5#'
    properties:
      mail:
        transport.protocol: smtp
        smtp:
          auth: true
          starttls.enable: true
          timeout: 5000
          writetimeout: 5000
          connectiontimeout: 5000
        #debug: true
    #test-connection: true
keystore:
  jwt:
    key-store: classpath:server.jks
    key-store-password: ed19
    key-pair-alias: edpi
    key-pair-password: ed19
    public-key: classpath:public.txt
  uuidd: ${random.uuid}
  password: edasta19
  value: ${random.value}
  upload-dir: /var/www/uploads
  purge:
    cron.expression: 0 0 5 * * ?

AuthorizationServerConfig

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
 
 
@Configuration
@EnableOAuth2Client
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
 
 
    @Value("${resource.id:edastapi}")
    private String RESSOURCE_ID;
 
    @Value("${keystore.jwt.key-pair-alias}")
    private String KEY_PAIR_ALIAS;
 
    @Value("${keystore.jwt.key-store-password}")
    private String KEY_STORE_PASS;
 
    @Value("${jwt.authorizedGrantTypes:password" +
            ",authorization_code" +
            ",refresh_token}")
    private String[] AUTHORIZED_GRANTYPES;
 
    private final static Integer RESOURCE_VALIDITY = 60*60;
 
    private final PasswordEncoder encoder;
 
    private final PersonneService service;
 
    private final AuthenticationManager manager;
 
 
    public AuthorizationServerConfig(
           PasswordEncoder encoder,
                                     PersonneService service,
                                     AuthenticationManager manager) {
       this.encoder = encoder;
        this.service = service;
        this.manager = manager;
    }
 
 
 
    @Bean
    public TokenStore tokenStore() {
 
        return new JwtTokenStore(
                tokenEnhancer()
        );
 
    }
 
 
    @Bean
    public JwtAccessTokenConverter tokenEnhancer() {
 
        JwtAccessTokenConverter tokenConverter = new JwtAccessTokenConverter();
 
        KeyStoreKeyFactory factory = new KeyStoreKeyFactory(
 
                new ClassPathResource("server.jks"), KEY_STORE_PASS.toCharArray()
        );
 
        tokenConverter.setKeyPair(factory.getKeyPair(KEY_PAIR_ALIAS));
 
        DefaultAccessTokenConverter converter = new DefaultAccessTokenConverter();
 
        DefaultUserAuthenticationConverter authConverter = new DefaultUserAuthenticationConverter();
 
        authConverter.setUserDetailsService(service);
 
        converter.setUserTokenConverter(authConverter);
 
        tokenConverter.setAccessTokenConverter(converter);
 
        return tokenConverter;
 
    }
 
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        security.tokenKeyAccess("permitAll()")
                .checkTokenAccess("isAuthenticated()");//security.allowFormAuthenticationForClients();
    }
 
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
                .withClient("ed").resourceIds(RESSOURCE_ID)
                .authorizedGrantTypes(AUTHORIZED_GRANTYPES)
                .scopes("openid", "profile", "email", "read", "write")
                 .secret(encoder.encode("1234")).autoApprove(true)
//                 .secret("secret").autoApprove(true)
 
                .accessTokenValiditySeconds(RESOURCE_VALIDITY).refreshTokenValiditySeconds(2*RESOURCE_VALIDITY);
 
    }
 
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
 
        endpoints
                .accessTokenConverter(tokenEnhancer())
                .authenticationManager(manager).userDetailsService(service)
                .tokenStore(tokenStore()).tokenServices(tokenServices());
 
    }
 
    @Bean @Primary
    public DefaultTokenServices tokenServices() {
 
        DefaultTokenServices services = new DefaultTokenServices();
        services.setTokenEnhancer(tokenEnhancer());
        services.setAuthenticationManager(manager);
        services.setSupportRefreshToken(true);
        services.setTokenStore(tokenStore());
        return services;
 
    }
 
}

SERVEUR DE RESSOURCES :

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
 
        @Autowired
        private ResourceServerTokenServices tokenServices;
 
        @Value("${security.oauth2.resource.id}")
        private String RESSOURCE_ID;
 
 
 
 
        @Override
        public void configure(ResourceServerSecurityConfigurer resources) {
            resources.resourceId(RESSOURCE_ID).tokenServices(tokenServices);;
        }
 
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http
                   /* .cors().and().csrf().disable().httpBasic().disable().headers().frameOptions().disable().and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
                    .authorizeRequests()
                    .antMatchers("/me").permitAll()
                    .anyRequest().authenticated().and()
                    .exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
*/
                    .cors().and().csrf().disable().httpBasic().disable().headers().frameOptions().disable().and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
                    .authorizeRequests().anyRequest().authenticated().and() //.antMatchers("/oauth/register", "/oauth/enable", "/operations/bondast", "/about").permitAll().antMatchers("/ross/**").access("hasRole('ADMIN') and hasRole('USER')").antMatchers("/admin/**").hasRole("ADMIN")
                    .exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
 
        }
 
 
    }

WebSecurity

Code :

Sélectionner tout - Visualiser dans une fenêtre à part

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
 
 
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
    @Autowired
    private PersonneService service;
 
 
   @Bean
    public static PasswordEncoder encoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }
 
 
 
    @Bean @Override
    protected AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }
 
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
       auth.userDetailsService(service).passwordEncoder(encoder());
    }
 
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
        http.requiresChannel().anyRequest().requiresSecure();
    }
 
 
}

Je vous prie de m'aider SVP

401 full authentication is required to access this resource [Security]

Spring Java

Mode arborescent

Discussions similaires

Partager

Partager