I am trying to add Spring OAuth2 security to my application to protect my REST endpoints, which are Spring RestControllers. At the moment, I'm just trying to get the main parts in place. However, something with the OAuth2 provider generates an ambiguous mapping of the oauth2AuthorizationEndpoint bean method.
I am using spring -security-web: 3.2.8.RELEASE AND pring-security-oauth2: 2.0.7.RELEASE When I start, I get the following error:
java.lang.RuntimeException: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'oauth2HandlerMapping': Invocation of init method failed; nested exception is java.lang.IllegalStateException: Ambiguous mapping found. Cannot map 'authorizationEndpoint' bean method public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.authorize(java.util.Map<java.lang.String, java.lang.Object>,java.util.Map<java.lang.String, java.lang.String>,org.springframework.web.bind.support.SessionStatus,java.security.Principal) to {[/oauth/authorize],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}: There is already 'oauth2AuthorizationEndpoint' bean method
My configuration:
<security:http pattern="/api/**" entry-point-ref="oauth2EntryPoint" access-decision-manager-ref="affirmativeBasedDecisionManager"> <security:intercept-url pattern="/api/mobile/survey/**" access="ROLE_CANVASSER"/> <security:intercept-url pattern="/api/mobile/monitor/**" access="ROLE_MONITOR"/> <security:intercept-url pattern="/api/**" access="ROLE_GEM_USER"/> <security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER"/> <security:access-denied-handler ref="oauthAccessDeniedHandler"/> </security:http>
<oauth:authorization-server client-details-service-ref="gemUserClientDetailsService" token-services-ref="tokenServices"> <oauth:authorization-code /> <oauth:implicit/> <oauth:refresh-token/> <oauth:client-credentials /> <oauth:password authentication-manager-ref="authenticationManager"/> </oauth:authorization-server> <bean id="defaultOAuth2UserApprovalHandler" class="org.springframework.security.oauth2.provider.approval.DefaultUserApprovalHandler"/> <bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices"> <property name="accessTokenValiditySeconds" value="86400"/> <property name="tokenStore" ref="tokenStore"/> <property name="supportRefreshToken" value="true"/> <property name="clientDetailsService" ref="gemUserClientDetailsService"/> </bean> <bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore"/> <bean name="gemDetailsService" class="com.factgem.gem.security.AuthenticationProvider"/> <bean id="oauth2EntryPoint" class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint"> <property name="realmName" value="gem"/> </bean> <bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler"/> <bean id="roleVoterHierarchyVoter" class="org.springframework.security.access.vote.RoleHierarchyVoter"> <constructor-arg ref="roleHierarchy"/> <property name="rolePrefix" value="ROLE"/> </bean> <bean id="webExpressionVoter" class="org.springframework.security.web.access.expression.WebExpressionVoter"/> <bean id="webSecurityExpressionHandler" class="org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler"> <property name="roleHierarchy" ref="roleHierarchy"/> </bean> <bean id="webExpressionHandler" class="org.springframework.security.web.access.expression.WebExpressionVoter"> <property name="expressionHandler"> <ref bean="webSecurityExpressionHandler"/> </property> </bean> <bean id="authenticatedVoter" class="org.springframework.security.access.vote.AuthenticatedVoter"/> <bean id="jsr250Voter" class="org.springframework.security.access.annotation.Jsr250Voter"/> <bean id="affirmativeBasedDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased"> <constructor-arg> <list> <ref local="roleVoterHierarchyVoter"/> <ref local="webExpressionVoter"/> <ref local="authenticatedVoter"/> <ref local="jsr250Voter"/> </list> </constructor-arg> </bean>
source share