JohanB
Reputation: 2148
Spring OAuth2 client_credentials in combination with preauthenticated user
My app uses preauthentication
I want to consume OAuth2 protected resources using ClientCredentialsResourceDetails (signed fetch).
When using this in combination with an preauthenticated UserDetails, spring does not store the OAuth token:
DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken@4662f11e: Principal: User = ***
How can I make this work?
Upvotes: 1
Views: 821
Answers (1)
Dave Syer
Reputation: 58094
The token is stored in memory in the OAuth2RestTemplate. That's good enough for most use cases because you can set it up as a singleton bean (one per client).
Upvotes: 1
Related Questions
- Spring Boot + Oauth2 client credentials
- Spring Boot OAuth2RestTemplate Client Credentials in Body
- Spring Security OAuth2 client_credentials flow only
- OAUTH2 user service with Custom Authentication Providers
- Spring OAuth2 Security - Client Credentials - Custom AuthenticationProvider
- oAuth2 client with password grant in Spring Security
- Spring OAuth2 - User info in Client Credentials grant type
- Java Spring Security OAuth2: Accept client credentials via POST
- Configuring Spring OAuth2 Client for client_credentials flow
- Spring-security context setup for 2-legged (client credentials) OAuth2 server