Setting Up OAuth2 Authorization Server

In this guide, we will walk through the configuration of an OAuth2 Authorization Server using Spring Security. If you encounter issues, such as compilation errors related to the javax.servlet.Filter, this article will help you troubleshoot.

Spring Security Configuration

Below is an example configuration for Spring Security that sets up basic authentication and authorization for your application:

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

@Configuration
@Order(1)
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Value("${user.oauth.user.username}")
    private String username;
    
    @Value("${user.oauth.user.password}")
    private String password;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .requestMatchers()
                .antMatchers("/login", "/oauth/authorize")
                .and()
            .authorizeRequests()
                .anyRequest().authenticated()
                .and()
            .formLogin().permitAll();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
            .withUser(username)
            .password(passwordEncoder().encode(password))
            .roles("USER");
    }

    @Bean
    public BCryptPasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}

Common Compilation Error

If you encounter the following error during compilation:

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.0:compile (default-compile) on project auth-service: Compilation failure
[ERROR] cannot access javax.servlet.Filter
[ERROR] class file for javax.servlet.Filter not found

This typically indicates that your project is missing the necessary servlet API dependency. To resolve this, ensure that your pom.xml includes the correct dependency for the servlet API. Here’s an example of how to add it:

<dependency>
    <groupId>javax.servlet</groupId>
    <artifactId>javax.servlet-api</artifactId>
    <version>4.0.1</version>
    <scope>provided</scope>
</dependency>

Conclusion

By following the above configuration and ensuring that all necessary dependencies are included, you should be able to set up your OAuth2 Authorization Server without encountering the javax.servlet.Filter error. If issues persist, double-check your dependencies and ensure your project is correctly set up to use Spring Security.