Announcement Announcement Module
Collapse
No announcement yet.
Spring Security OAuth 1.0.0.RC1 released Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Security OAuth 1.0.0.RC1 released

    Hi,

    #spring #security #oauth 1.0.0.RC1 is released today http://bit.ly/xfE5PM. Download via github or Maven (SpringSource milestone repository).

    Loads of new stuff since M6. OAuth2 is looking close to stable so it seemed like a good idea to go for a release candidate. Highlights:

    * Lots of new extension points in the Authorization Server features
    * XML goodness, e.g. <oauth2:rest-template/>
    * Whitelabel UI for better out-of-box experience
    * Improved support for expressions in security filters

    Enjoy!

    Dave.

  • #2
    Great job guys~.
    I can't be waitng first RC 1.0.0.

    Comment


    • #3
      Originally posted by Dave Syer View Post
      Hi,

      #spring #security #oauth 1.0.0.RC1 is released today http://bit.ly/xfE5PM. Download via github or Maven (SpringSource milestone repository).

      Loads of new stuff since M6. OAuth2 is looking close to stable so it seemed like a good idea to go for a release candidate. Highlights:

      * Lots of new extension points in the Authorization Server features
      * XML goodness, e.g. <oauth2:rest-template/>
      * Whitelabel UI for better out-of-box experience
      * Improved support for expressions in security filters

      Enjoy!

      Dave.
      Congrats!

      great job.

      A question: I had a working project on milestone4, now I try to migrate it to the new RC1. Unfortunately, I find it difficult - many compilation error due to files that have been removed, etc. (
      for example:
      1. RandomValueTokenServices does not exist anymore,
      2. the bean 'ClientCredentialsTokenEndpointFilter' is not found,
      3. under "client" bean there cannot be "resource-details-service-ref" anymore, and more...

      Do you have a documentation that might help me to find how to make it work? I really wanna make it work on the RC1, since I believe it suppose to be better than a milestone...

      please advise...

      thanks

      Comment


      • #4
        Originally posted by OhadR View Post
        1. RandomValueTokenServices does not exist anymore,
        It evolved into DefaultTokenServices. But if you have an existing TokenServices that extends the old RVTS you should look at the TokenStore and other extension points in the DefaultTokenServices, rather than simply extending the new class.

        2. the bean 'ClientCredentialsTokenEndpointFilter' is not found,
        The class is still there. Maybe it was registered automatically in M4? You need to define it explicitly now.

        3. under "client" bean there cannot be "resource-details-service-ref" anymore, and more...
        Do you have an example config that you show to remind us what that was for (if it did anything)?

        Comment


        • #5
          Originally posted by Dave Syer View Post
          Do you have an example config that you show to remind us what that was for (if it did anything)?
          yes, concerning the "resource-details-service-ref": first of all, it is described in the docs,
          The client element is used to configure the OAuth 2.0 client mechanism. The following attributes can be applied to the client element:

          token-services-ref: The reference to the bean that stores tokens on behalf of a user. Default value is an instance of InMemoryOAuth2ClientTokenServices.
          resource-details-service-ref: The reference to the bean that services the known resource details.
          -so I thought this is the way it should work. So my XML looks something like this:

          Code:
              <!--apply the oauth client context -->
          	<oauth:client id="oauth2ClientFilter" 
          				resource-details-service-ref="resourceDetailsService"/>
          
              <bean id="resourceDetailsService" class="org.springframework.security.oauth2.client.resource.InMemoryOAuth2ProtectedResourceDetailsService">
                  <property name="resourceDetailsStore">
                      <map>
                          <entry key="clientKey" value-ref="myClientResource"/>
                      </map>
                  </property>
              </bean>

          Comment

          Working...
          X