Announcement Announcement Module
No announcement yet.
Anyone using OAuth2ClientProcessingFilter? Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Anyone using OAuth2ClientProcessingFilter?

    Is anyone using the OAuth2ClientProcessingFilter? I can't see much value in it, so I'm planning to rip it out unless someone has a good use case ( Reminder it's part of the client-side support and it lets you add an extra layer of assertions about particular client URLs, to ensure that they cannot be accessed without the correct OAuth2 credentials. It's pointless in my opinion because the resource server should prevent you from accessing those resources anyway. The filter on the client only has the effect of preventing the resource server from ever even being asked.