I am studying Oauth2 Security and I am really new to it. I found some issues when I go through several online documents and tutorials. Could anybody please help me to clarify following problems coz I was unable to clearly resolve those by myself even after searching through internet in the whole day.
I have used this link to set up test OAuth2 security application
<authentication-manager id="clientAuthenticationManager"
xmlns="http://ift.tt/1c8inpe">
<authentication-provider user-service-ref="clientDetailsUserService" />
</authentication-manager>
<authentication-manager alias="authenticationManager"....
Q1. According to above xml code what is this clientAuthenticationManager and why is it used the alias authenticationManager ?
<oauth:client client-id="restapp"
authorized-grant-types="authorization_code,client_credentials"
authorities="ROLE_APP"
scope="read,write,trust"
resource-ids=""
redirect-uri=""
secret="secret" />
<oauth:client client-id="restapp"
authorized-grant-types="password,authorization_code,refresh_token,implicit"
secret="restapp"
authorities="ROLE_APP" />
</oauth:client-details-service>
Q2 What is client-id and for what purpose we use it?
Q3 What is this secret = "" what is the useage of it?
Q4 What is resource-ids="" what is the useage of it?
Q5 What is authorities = "" what is the useage of it?
Q6 What is redirect-uri="" what is the useage of it?
<oauth:resource-server id="resourceServerFilter"
resource-id="test"
token-services-ref="tokenServices"/>
Q7 According to above xml code what is resourceServerFilter
Q8 What is resource-id="test" here.... for what purpose we need it?
Can anybody please help me to understand it......!
Aucun commentaire:
Enregistrer un commentaire