Add 'Java. Util. Collections $SingletonMap' to 'org. Springframework. Security. Jackson2. SecurityJackson2Modules' ALLOWLIST_CLASS_NAMES set #1009
Labels
for: external-project
For an external project and not something we can fix
I according to the official document "https://docs.spring.io/spring-authorization-server/docs/current/reference/html/guides/how-to-jpa.html" The code that runs gets the correct access_token, then uses the access_token to request the /userinfo endpoint, but gets the following error:
I went to consult the spring-projects/spring-security#4370, using the following methods to solve the error:
Create the following two classes:
And then configure it:
The above code works, but I'm still confused about the issue. In the "ALLOWLIST_CLASS_NAMES" collection of "org.Springframework.Security.Jackson2.SecurityJackson2Modules", The "java.Util.Collections $SingletonMap" property is not included.
Would it be possible to open-up java.Util.Collections $SingletonMap? Seen as we already allow java.util.Collections$SingletonList, I can't see adding a java.Util.Collections $SingletonMap would make much different.
The text was updated successfully, but these errors were encountered: