POST request "Full authentication is required to access this resource"

[h0x539]

Hi!

Does anybody encountered the error "Full authentication is required to access this resource" trying to authenticate by using POST request oauth/token?

Curl command:
curl localhost:85/oauth/token -d grant_type=password -d client_id=web_app -d username=reader -d password=reader

Response:

{"timestamp":1486841819620,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource","path":"/oauth/token"}

ResourceServerConfiguration configure

http .csrf().disable() .authorizeRequests() .antMatchers("/**").authenticated() .antMatchers(HttpMethod.GET, "/me").hasAuthority("FOO_READ")

WebSecurityConfig configure

http .csrf().disable() .exceptionHandling() .authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED))

Thanks!

SOLUTION

Add in request header Authorization: Basic base64(client_id:client_secret)

[wilkinsona]

Thanks for getting in touch, but it feels like this is a question that would be better suited to Stack Overflow. As mentioned in the guidelines for contributing, we prefer to use GitHub issues only for bugs and enhancements. Feel free to update this issue with a link to the re-posted question (so that other people can find it) or add some more details if you feel this is a genuine bug.

[wilkinsona]

Already asked on Stack Overflow: http://stackoverflow.com/questions/42181318/post-request-full-authentication-is-required-to-access-this-resource.

@h0x539 Please don't cross-post. It just wastes people's time.

[h0x539]

@wilkinsona Thanks! Maybe is better if this issue will be deleted, because is posted also on Stack Overflow.
Sorry for inconvenience, I didn't realize the cross-posting!

[sidsm009]

there is no proper answer for this query on stackoverflow since more than a year. if anyone knows the solution, please help

[zhangconan]

there is no proper answer for this query on stackoverflow since more than a year. if anyone knows the solution, please help

The Asker has provided the solution:
Add in request header Authorization: Basic base64(client_id:client_secret)

The details is encode your_client_id:your_client_secret use base64, then add the encode string in your request header.

e.g base64 encode your_client_id:your_client_secret ==> eW91cl9jbGllbnRfaWQ6eW91cl9jbGllbnRfc2VjcmV0

Curl command:

curl localhost:85/oauth/token -d grant_type=password -d client_id=web_app -d username=reader -d password=reader -H 'Authorization: Basic eW91cl9jbGllbnRfaWQ6eW91cl9jbGllbnRfc2VjcmV0'