Question
Able to hit the secured endpoint from browser but not from postman/insomnia getting 401 unathorized
pom dependency: spring boot starter security spring boot starter oauth2 client
application.properties:
spring.security.oauth2.client.registration.qwerty=qwerty
spring.security.oauth2.client.registration.qwerty.client-id=qwe
spring.security.oauth2.client.registration.qwerty.redirect-uri=http://qwe.com:9090/welcome/callback
spring.security.oauth2.client.registration.qwerty.scope=openid
spring.security.oauth2.client.registration.qwerty.authorization-grant-type=authorization_code
spring.security.oauth2.client.provider.qwerty.issuer-uri=https://qwerty.com
spring.security.oauth2.client.provider.qwerty.authorization-uri=https://qwerty.com/as/authorization.oauth2
spring.security.oauth2.client.provider.qwerty.token-uri=https://qwerty.com/as/token.oauth2
WebSecurityConfig.java
@Configuration
@EnableWebSecurity
public class WebSecurityConfig {
@Bean
public SecurityFilterChain securityFilterChain(HTTPSecurity http) throws Exception{
http.csrf().disable()
.authorizaHttpRequests()
.anyRequest().authenticated()
.and()
.oauth2Login()
.redirectionEndpoint()
.baseUri("/callback");
return http.build();
}
}
this is the security configuration in my spring boot MVC application suppose now endpoint: http://qwe:9090/welcome/name if I open this above endpoint in the browser it returns the name but if I try to hit this endpoint in Postman it says 401 not authorized how to hit the above endpoint in Postman if I have the above security configuration in my application? authorization server is using Kerberos for authentication.