这里我的安全配置到我的spring-boot-starter-oauth2-authorization-server服务:
@EnableWebSecurity
@Configuration
public class SecurityConfiguration {
@Bean
SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception {
return http
.csrf(csrfCustomizer -> csrfCustomizer.disable())
.authorizeHttpRequests(
authorize -> authorize
.requestMatchers(
EndpointRequest.to(InfoEndpoint.class, HealthEndpoint.class, EnvironmentEndpoint.class,
ConfigurationPropertiesReportEndpoint.class))
.permitAll().anyRequest().authenticated())
.formLogin(cr -> cr.disable())
.build();
}
}字符串
当我尝试GET _/.well-known/openid-configuration时,我得到:
❯ http http://des.oauthz.espaidoc-keycloak.apps.ocpdes.t-systems.es/.well-known/openid-configuration
HTTP/1.1 403
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 17 Nov 2023 11:48:16 GMT
expires: 0
pragma: no-cache
set-cookie: JSESSIONID=B8C183A7F9A2CC582B88B1D15C203D08; Path=/; HttpOnly
set-cookie: 324dc6a705237c000a7da99ab87ee12a=3af96fc0f36107d20bb560a118c624e0; path=/; HttpOnly
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0型
1条答案
按热度按时间bq9c1y661#
您需要添加授权服务器配置如下
字符串