Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New Oauth token generating for a user each time we hit the token url #7

Open
nayankakati opened this issue Dec 3, 2015 · 4 comments

Comments

@nayankakati
Copy link

Hi Bobby,
Excellent sample code!!!

we are facing one issue where in for a particular user we are getting separate token each time we hit the url.

On embedded tomcat it is working fine but when we create a separate WAR file and deploy it, it starts behaving this way.

On oauth2_access_token table there are multiple entries for the same user.

environment :- Ubuntu 14.04, Grails 3 , Postgres 9.4 and Tomcat 8.0.23

http://stackoverflow.com/questions/34072814/grails-3-oauth2-not-working-with-tomcat-8

is it related to Tomcat?

@bobbywarner
Copy link
Owner

@nayankWebonise How are you producing the war file? gradle war, gradle assemble or grails war?

@vjnathe-webonise
Copy link

@bobbywarner grails war

@bobbywarner
Copy link
Owner

@vjnathe-webonise @nayankWebonise Can you please try gradle war and let me know if the same issue happens?

@nayankakati
Copy link
Author

Hi @bobbywarner : we tried gradle war but it still not resolved, we debugged it and found that an error is occurring on JDBC side in spring library. So to move forward we temporarily used "Inmemory" token storage and it worked perfectly, but it just a short term goal , when users would get in a large numbers, we have to move to JDBC Token storage.

Following is the error we are getting on debugging on tomcat server :-

ERROR 2015-12-04 13:08:42,863 org.springframework.security.oauth2.provider.token.store.JdbcTokenStore - Could not extract access token for authentication org.springframework.security.oauth2.provider.OAuth2Authentication@f9ea55ec: Principal: org.springframework.security.core.userdetails.User@5437f414: Username: [email protected]; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_ADMIN

java.lang.IllegalArgumentException: java.io.StreamCorruptedException: invalid stream header: BB656430
at org.springframework.security.oauth2.common.util.SerializationUtils.deserialize(SerializationUtils.java:40) ~[spring-security-oauth2-2.0.7.RELEASE.jar:na]
at org.springframework.security.oauth2.provider.token.store.JdbcTokenStore.deserializeAccessToken(JdbcTokenStore.java:397) ~[spring-security-oauth2-2.0.7.RELEASE.jar:na]
at org.springframework.security.oauth2.provider.token.store.JdbcTokenStore$1.mapRow(JdbcTokenStore.java:115) ~[spring-security-oauth2-2.0.7.RELEASE.jar:na]
at org.springframework.security.oauth2.provider.token.store.JdbcTokenStore$1.mapRow(JdbcTokenStore.java:1) ~[spring-security-oauth2-2.0.7.RELEASE.jar:na]
at org.springframework.jdbc.core.RowMapperResultSetExtractor.extractData(RowMapperResultSetExtractor.java:93) ~[spring-jdbc-4.1.7.RELEASE.jar:4.1.7.RELEASE]
at org.springframework.jdbc.core.RowMapperResultSetExtractor.extractData(RowMapperResultSetExtractor.java:60) ~[spring-jdbc-4.1.7.RELEASE.jar:4.1.7.RELEASE]
at org.springframework.jdbc.core.JdbcTemplate$1.doInPreparedStatement(JdbcTemplate.java:708) ~[spring-jdbc-4.1.7.RELEASE.jar:4.1.7.RELEASE]
at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:644) ~[spring-jdbc-4.1.7.RELEASE.jar:4.1.7.RELEASE]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants