spring-attic / spring-security-oauth

Support for adding OAuth1(a) and OAuth2 features (consumer and provider) for Spring web applications.

Home Page: http://github.com/spring-projects/spring-security-oauth


The OAuth2 client uses multiple instances

929404097 opened this issue

The OAuth2 client uses multiple instances; the OAuth2 Authentication Server uses one instance.
I use nginx for forwarding. One step is authorization code certification, carrying the state parameter to the Authentication Server; it is stored through DefaultOAuth2ClientContext in an in-memory map. But, as you know, nginx is polling: for example, the first state is stored on the first machine, and when polling takes the request to the second machine, the state parameter is not found and an exception is reported:
"Possible CSRF detected - state parameter was required but no state could be found"
How can we change the "state" persistence in Redis?

Summary

Actual Behavior

Expected Behavior

Successfully complete authentication in cluster mode.

Configuration

Version

spring-security-oauth2-2.3.4.RELEASE

Sample

@dsyer please give me help
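
The failure described in this issue, and the effect of a shared state store, shown as an added example that is not part of the original post or of spring-security-oauth. `StateStore`, `MapStateStore` and `ClientInstance` are hypothetical names; the map stands in for Redis, where the same contract would be a key with a TTL and an atomic get-and-delete.

```java
import java.security.SecureRandom;
import java.time.Instant;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

public class SharedStateDemo {
    // Hypothetical contract for where the OAuth2 "state" value lives between redirect and callback.
    interface StateStore {
        void save(String state, String sessionId, long ttlSeconds);
        boolean consume(String state, String sessionId);
    }
    // In-process stand-in for a shared store (assumption: Redis in a real deployment).
    static final class MapStateStore implements StateStore {
        private record Entry(String sessionId, Instant expiresAt) {}
        private final Map<String, Entry> entries = new ConcurrentHashMap<>();
        public void save(String state, String sessionId, long ttlSeconds) {
            entries.put(state, new Entry(sessionId, Instant.now().plusSeconds(ttlSeconds)));
        }
        public boolean consume(String state, String sessionId) {
            Entry e = entries.remove(state); // atomic remove: each state is accepted at most once
            return e != null && Instant.now().isBefore(e.expiresAt()) && e.sessionId().equals(sessionId);
        }
    }
    // One client application instance behind the load balancer.
    static final class ClientInstance {
        private final StateStore store;
        private final SecureRandom random = new SecureRandom();
        ClientInstance(StateStore store) { this.store = store; }
        String beginAuthorization(String sessionId) {
            byte[] raw = new byte[32];
            random.nextBytes(raw); // unguessable state, bound to the user's session below
            String state = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
            store.save(state, sessionId, 300);
            return state;
        }
        boolean handleCallback(String state, String sessionId) {
            return state != null && store.consume(state, sessionId);
        }
    }
    public static void main(String[] args) {
        // Each instance keeps its own map: the callback lands on B, which never saw the state.
        ClientInstance a = new ClientInstance(new MapStateStore()), b = new ClientInstance(new MapStateStore());
        System.out.println("separate stores: " + b.handleCallback(a.beginAuthorization("s1"), "s1"));
        StateStore shared = new MapStateStore();
        ClientInstance c = new ClientInstance(shared), d = new ClientInstance(shared);
        String state = c.beginAuthorization("s1");
        System.out.println("shared store:    " + d.handleCallback(state, "s1"));
        System.out.println("replayed state:  " + d.handleCallback(state, "s1"));
        System.out.println("wrong session:   " + d.handleCallback(c.beginAuthorization("s1"), "s2"));
    }
}
```

Whatever backs the store, the CSRF check keeps its value only if the state stays single-use, short-lived and tied to the session that started the flow.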