Announcement Announcement Module
Collapse
No announcement yet.
Can I allow OAuth2RestOperations access public endpoints without login? Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Can I allow OAuth2RestOperations access public endpoints without login?

    Dear Dave Syer,
    I've my resource, authorization server (acts as SSO as well) & client spring application based on Spring Oauth2.
    Some of the rest endpoints in the resource server is "permitAll" endpoints. Now when I access those public endpoints from my client application, client app is redirecting me to the login page. I assume OAuth2RestOperations requires access token no matter how the authorization is set up on the resource server?
    I guess I can use another plain RestOperations for my public access. But I think its better if I can use single restOperations and it allows the user browse till it hits the secured endpoint.

    Is there any suggestions how to customize this? Do you personally think its a bad idea?
Working...
X