With Spring Security OAuth2, how to restrict access to only certain types of users
Scenario We are using Spring Security 2 with OAuth2 integration on our system. There are different types of users and different internal and external OAuth clients on the system. Some of these clients only need a custom type A to be able to log in, while others only want to allow type B.
The question I am considering various places to implement this logic, and the only place where I can see how to get the user name and client CompatistStore interface, means that I can potentially realize utverzhdenieStore, which returns an empty resolution for undesirable combinations.
Is this the right place or is there a better place to put this logic?
+3
source to share
No one has answered this question yet
Check out similar questions: