task #6118
Updated by Andreas Kohlbecker over 7 years ago
Spring-Cloud-Security (http://cloud.spring.io/spring-cloud-security/ brings OAuth2 for spring applications.
* spring-cloud-security provides the client side authentication feature:
* http://cloud.spring.io/spring-cloud-security/spring-cloud-security.html
* https://github.com/spring-cloud/spring-cloud-security
* The oauth2-authorization-server feature is provided by spring-boot: http://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#boot-features-security-oauth2-authorization-server:
* For full details, see the (Spring Security OAuth 2 Developers Guide](http://projects.spring.io/spring-security-oauth/docs/oauth2.html)
* OAuth2 in general is provided by [spring-security-oauth](http://projects.spring.io/spring-security-oauth/docs/oauth2.html)
## spring-security-oauth
The following endpoints are required in the Spring Security filter chain in order to implement OAuth 2.0 Authorization Server:
* `AuthorizationEndpoint` is used to service requests for authorization. Default URL: `/oauth/authorize`.
* `TokenEndpoint` is used to service requests for access tokens. Default URL: `/oauth/token`.
The following filter is required to implement an OAuth 2.0 Resource Server:
* The `OAuth2AuthenticationProcessingFilter` is used to load the Authentication for the request given an authenticated access token.