Springboot OAUTH & PKCS failed & log level of the filter
Written by gorki
Problem:
When using Spring OAuth2 resource server, it checks the received token; to do so it must either retrieve the token's validity or get certificates to validate the token. These two calls are usually made over HTTPS for obvious security reasons.
When the certificate is not known by the Spring OAuth2 resource server JVM, it fails because the SSL handshake cannot complete. It fails. Without a single message :)
Solution:
Set the following log level:
org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter: DEBUG
I see that the exception is propagated to authenticationFailureHandler; I see that it should be handled by authenticationFailureHandler
but somewhere in the chain, it's not traced… Could search deeper next time.
It will activate this log:
try {
    AuthenticationManager authenticationManager = this.authenticationManagerResolver.resolve(request);
    Authentication authenticationResult = authenticationManager.authenticate(authenticationRequest);
    ...
} catch (AuthenticationException var11) {
    SecurityContextHolder.clearContext();
    // Only at DEBUG level is the exception (and its cause chain) written to the log
    if (debug) {
        this.logger.debug("Authentication request for failed!", var11);
    }
    // The exception is then handed to the failure handler
    this.authenticationFailureHandler.onAuthenticationFailure(request, response, var11);
}
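A JDK-only check for the situation described above, added here as an example (not code from the original post or from Spring): it performs a TLS handshake using the JVM's default trust store and reports the innermost cause when the certificate is not trusted. The class `TrustCheck` and its methods are hypothetical names; it assumes the resource server relies on the JVM default trust store, and takes the host and port of the token validation endpoint as arguments.

```java
import java.io.IOException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

// Added example (not Spring code): does this JVM trust the certificate
// presented by the authorization server?
public class TrustCheck {

    // Walk getCause() down to the innermost exception, where the real reason sits.
    static Throwable rootCause(Throwable t) {
        Throwable cur = t;
        while (cur.getCause() != null && cur.getCause() != cur) {
            cur = cur.getCause();
        }
        return cur;
    }

    // Handshake with the default SSLSocketFactory, i.e. the JVM trust store
    // (cacerts, or the one set with -Djavax.net.ssl.trustStore).
    // This checks the certificate chain only, not the host name.
    static String check(String host, int port) {
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        try (SSLSocket socket = (SSLSocket) factory.createSocket(host, port)) {
            socket.setSoTimeout(5000);
            socket.startHandshake();
            return "TRUSTED: handshake with " + host + ":" + port + " completed";
        } catch (SSLHandshakeException e) {
            Throwable root = rootCause(e);
            return "NOT TRUSTED: " + root.getClass().getName() + ": " + root.getMessage();
        } catch (IOException e) {
            return "UNREACHABLE: " + e;
        }
    }

    public static void main(String[] args) {
        // Constructed exception chain, shaped like a wrapped handshake failure,
        // to show the unwrapping without any network access.
        Exception constructed = new IllegalStateException("token check failed",
                new SSLHandshakeException("constructed: certificate not trusted"));
        System.out.println("root cause: " + rootCause(constructed));
        if (args.length == 2) {
            // Host and port of the JWK set or introspection endpoint, supplied by the caller.
            System.out.println(check(args[0], Integer.parseInt(args[1])));
        }
    }
}
```

Run it with the same JVM and the same `-Djavax.net.ssl.*` options as the resource server, otherwise the trust store being tested is not the one the application uses.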