'POST request "Full authentication is required to access this resource"
Does anybody encountered the error "Full authentication is required to access this resource" trying to authenticate by using POST request oauth/token?
Curl command:
curl localhost:85/oauth/token -d grant_type=password -d client_id=web_app -d username=reader -d password=reader
Response:
{"timestamp":1486841819620,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource","path":"/oauth/token"}
ResourceServerConfiguration configure
http .csrf().disable() .authorizeRequests() .antMatchers("/**").authenticated() .antMatchers(HttpMethod.GET, "/me").hasAuthority("FOO_READ")
WebSecurityConfig configure
http .csrf().disable() .exceptionHandling() .authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED))
Thanks!
Solution 1:[1]
This error message is from your own back end server. It is a spring framework error. If you check this with 2 providers, you can see that the error message is the same for both. The source of the problem, in my case, was my wrong mapping as a call back url. I configured my server to permit all requests that hit the endpoint localhost:8080/oauth2/callback/** to pass without authentication while the callback coming from the providers was configured as localhost:8080/login/oauth2/**. I did this mistake following this tutorial. For any reason, if there is a mismatch between these configurations, you will get the error.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Dejazmach |