CODEWITHSUNDEEP
javaspringoauth-2.0spring-security-oauth2
backtrack
backtrack

Reputation: 8144

How to separate authorization server spring security in java

I have started to learn spring security (Oauth2). I am having a REST API service which is protected by Spring Oauth2. What i want to do is, I want to separate authorization server and resource server, For example,

I am having Authorization: http://server1:8080/RESTTest/oauth/token/grant_type=client_credentials&client_id=clientt&client_secret=secret

And Resource http://server1:8080/RESTTest/api/users/?access_token=2cf682c6-2900-47dc-a468-441fcee0dc18

What i want is,

Authorization : http://Server1:8080/authorizationserver /oauth/token/grant_type=client_credentials&client_id=clientt&client_secret=secret

Resource: http://server2:8080/RESTTest/api/users/?access_token=2cf682c6-2900-47dc-a468-441fcee0dc18

I am using JDBCTokenstore. I am not sure how to separate it. Can someone help me.

Thanks,

Upvotes: 3

Views: 2193

Answers (1)

kuhajeyan
kuhajeyan

Reputation: 11017

You can map your custom endpoint to defaults provided, fyi http://projects.spring.io/spring-security-oauth/docs/oauth2.html

@Configuration
    @EnableAuthorizationServer
    protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

@Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {

            endpoints.tokenStore(tokenStore).userApprovalHandler(userApprovalHandler)
                    .authenticationManager(authenticationManager);
            endpoints.pathMapping("/oauth/token", "/authorizationserver/oauth/token")
        }

}

Upvotes: 1

Related Questions