1. Symptom
- Error 401 Unauthorized occurs when using Spring Boot / OAuth2 in a WebLogic 12c environment
Error 401--Unauthorized
10.4.2 401 Unauthorized
The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11.
2. Cause
- WebLogic Server authentication is enabled by default. Because of this default WebLogic Server setting, applications such as those built on Spring Framework that use HTTP Basic Authentication may not correctly receive the security-related values in the Authorization header. In that case, WebLogic Server authentication must be disabled.
3. Solution
- How to disable WebLogic Server authentication
Set the option below in the <DOMAIN_HOME>\config\config.xml file, then restart WebLogic Server
<security-configuration>
...
<enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
...
</security-configuration>
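To confirm what a domain actually has configured before and after the change, the following added example (not from the original post) parses a config.xml and reports the state of the flag. The function names and the sample XML are constructed for illustration, and the default of true is taken from the post's statement that the check is enabled by default.

```python
import xml.etree.ElementTree as ET

FLAG = "enforce-valid-basic-auth-credentials"
SECTION = "security-configuration"

# Constructed sample inputs (not taken from a real domain).
SAMPLE_DISABLED = """<domain xmlns="http://xmlns.oracle.com/weblogic/domain">
  <name>base_domain</name>
  <security-configuration>
    <name>base_domain</name>
    <enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
  </security-configuration>
</domain>"""
SAMPLE_DEFAULT = SAMPLE_DISABLED.replace(
    "    <%s>false</%s>\n" % (FLAG, FLAG), "")
SAMPLE_MISPLACED = """<domain xmlns="http://xmlns.oracle.com/weblogic/domain">
  <enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
  <security-configuration><name>base_domain</name></security-configuration>
</domain>"""


def local(tag):
    """Drop the XML namespace: '{ns}domain' -> 'domain'."""
    return tag.rsplit("}", 1)[-1]


def basic_auth_enforcement(config_xml):
    """Return (enforced, note); enforced is None when the file needs review."""
    root = ET.fromstring(config_xml)
    for section in (e for e in root.iter() if local(e.tag) == SECTION):
        for child in section:
            if local(child.tag) == FLAG:
                value = (child.text or "").strip().lower()
                if value in ("true", "false"):
                    return value == "true", "explicit"
                return None, "unrecognised value %r" % value
    if any(local(e.tag) == FLAG for e in root.iter()):
        return None, "flag is outside <%s>" % SECTION
    # Assumption from the post: the check is on unless configured otherwise.
    return True, "not set, default applies"


if __name__ == "__main__":
    for name in ("SAMPLE_DISABLED", "SAMPLE_DEFAULT", "SAMPLE_MISPLACED"):
        print(name, basic_auth_enforcement(globals()[name]))
```

The setting is domain-wide, so a result of False means every application deployed in the domain has to validate Basic credentials itself on resources that WebLogic does not protect.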
[References]
- https://blueyikim.tistory.com/1886
- https://stackoverflow.com/questions/59741214/oauth2-deployment-on-weblogic-12c-401-authorization-error