[SECOAUTH-141] Support authenticationEntryPoint when configuring oauth:provider #112
Description
Priority: Minor
Original Assignee: Ryan Heaton
Reporter: Jan Kronquist
Created At: Fri, 21 Oct 2011 12:55:53 +0100
Last Updated on Jira: Fri, 28 Oct 2011 07:25:48 +0100
The default authenticationEntryPoint that are used when using oauth:provider will return 401 with "WWW-Authenticate: OAuth". However, I want to have both OAuth and Basic auth which means I want a 401 with "WWW-Authenticate: Basic" instead. This means I want to be able to configure the authenticationEntryPoint that will be used by the OAuth filters.
The workaround is to manually configure all the filters, but this creates a mess in the application context.
Comments:
jankronquist on Fri, 21 Oct 2011 13:01:05 +0100
I'm using OAuth 1.0
jankronquist on Fri, 28 Oct 2011 07:25:48 +0100
I have found a workaround that allows me to keep oauth:provider but still replace the authenticationEntryPoint. However, I think it would be better to be able to configure it directly. My workaround uses a BeanFactoryPostProcessor:
ChangeOAuthProcessingFilterEntryPoint.java
public class ChangeOAuthProcessingFilterEntryPoint implements BeanFactoryPostProcessor { private OAuthProcessingFilterEntryPoint authenticationEntryPoint; public void setAuthenticationEntryPoint(OAuthProcessingFilterEntryPoint authenticationEntryPoint) { this.authenticationEntryPoint = authenticationEntryPoint; } @Override public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException { for (OAuthProviderProcessingFilter filter : beanFactory.getBeansOfType(OAuthProviderProcessingFilter.class).values()) { filter.setAuthenticationEntryPoint(authenticationEntryPoint); } } } <beans:bean class="com.gc.oauth.ChangeOAuthProcessingFilterEntryPoint"> <beans:property name="authenticationEntryPoint" ref="entryPoint" /> </beans:bean>