Spring security oauth2 login and resource server in same application

I solved it by splitting the configuration into two classes: one for OAuth login and the other for the resource server. I configured http.requestMatcher(new RequestHeaderRequestMatcher("Authorization")) on the resource server Configuration class and made its Order 1 and the Open Id configuration's order 2. In the Resource server configuration I have disabled session creation.

In this way, if any external clients are calling with a JWT token with header ‘Authorization’ then it will be handled by Resource server configuration or else it will be handled by the second/OAuth configuration.
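The layout described above, written out as an added example (not the original poster's code). It assumes Spring Security 5.x with WebSecurityConfigurerAdapter, and a JWT decoder and OAuth client registration supplied through the usual Spring Boot properties; the class names are hypothetical.

```java
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher;

// Hypothetical class names; only the ordering and the matcher come from the post.
@EnableWebSecurity
public class SecurityConfig {

    // Order 1: evaluated first, but claims only requests that carry an
    // Authorization header. Those are validated as JWT bearer tokens.
    @Configuration
    @Order(1)
    public static class ResourceServerConfig extends WebSecurityConfigurerAdapter {
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                .requestMatcher(new RequestHeaderRequestMatcher("Authorization"))
                .authorizeRequests(authz -> authz.anyRequest().authenticated())
                // No HTTP session: every API call must present its own token.
                .sessionManagement(s ->
                    s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                .oauth2ResourceServer(rs -> rs.jwt());
        }
    }

    // Order 2: no requestMatcher, so it handles everything the first chain
    // did not claim (browser traffic) with the session-based OAuth login flow.
    @Configuration
    @Order(2)
    public static class OAuthLoginConfig extends WebSecurityConfigurerAdapter {
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                .authorizeRequests(authz -> authz.anyRequest().authenticated())
                .oauth2Login();
        }
    }
}
```

The matcher checks only that the header is present, so a request with any Authorization header (Basic, or a malformed Bearer value) is also routed to the stateless chain and answered with 401 instead of a login redirect.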
