Spring Security Authorization Server OAuth2 / oauth / token - 500 No adapter for handler
I am trying to implement Spring Security OAuth2 Authorization Server. When you try to access the token endpoint (/ oauth / token), I get a 404. I am assuming that something is missing, but for the life of me, I can't see it.
I am using Java config for:
- Spring Security 4.0.1
- Spring Security OAuth2 2.0.7
My configuration looks like this:
ApplicationSecurityConfig.java
Used to register config files with WAR
public class ApplicationSecurityConfig extends
AbstractSecurityWebApplicationInitializer {
public ApplicationSecurityConfig() {
super(SecurityConfig.class, AuthorizationServerConfig.class);
}
}
SpringSecurityConfig.java
Configuring HTTP Authentication for All Endpoints Matching the URL Pattern /
@Configuration
@EnableWebSecurity
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user")
.password("password")
.roles("USER");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/")
.authenticated()
.and()
.httpBasic();
}
}
OauthAuthorizationServerConfig.java
Used to configure the authorization server
@Configuration
@EnableAuthorizationServer
public class OauthAuthorizationServerConfig extends
AuthorizationServerConfigurerAdapter{
@Autowired
private TokenStore tokenStore;
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception{
clients
.inMemory()
.withClient("testClient")
.scopes("read", "write")
.authorities("ROLE_CLIENT")
.authorizedGrantTypes("password", "refresh_token")
.accessTokenValiditySeconds(60)
.refreshTokenValiditySeconds(3600);
}
@Bean
public TokenStore tokenStore(){
return new InMemoryTokenStore();
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception{
endpoints.tokenStore(tokenStore);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception{
oauthServer.allowFormAuthenticationForClients();
}
}
Sorry if this is a "school boy bug", but I've spent some time on the documentation and samples that Spring has posted on Github, but I'm obviously not understanding something.
- EDIT -
I replaced ApplicationSecurityConfig.java with SpringApplicationInit.java
public class SpringApplicationInit extends
AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return null;
}
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class[]{
SpringSecurityConfig.class,
OauthAuthorizationServerConfig.class
};
}
@Override
protected String[] getServletMappings() {
return new String[]{"/"};
}
}
This gives different results. Now I am getting a 500 Server error status code:
javax.servlet.ServletException: No adapter for handler [public org.springframework.http.ResponseEntity<org.springframework.security.oauth2.common.OAuth2AccessToken> org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.getAccessToken(java.security.Principal,java.util.Map<java.lang.String, java.lang.String>) throws org.springframework.web.HttpRequestMethodNotSupportedException]: The DispatcherServlet configuration needs to include a HandlerAdapter that supports this handler
org.springframework.web.servlet.DispatcherServlet.getHandlerAdapter(DispatchrServlet.java:1163)
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:939)
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:966)
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:857)
javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:842)
javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
I pushed the code to the git repository if it made it easier to execute.
source to share