org.springframework.security.oauth2.config.annotation.web.configuration

Annotation Type EnableResourceServer

@Target(value=TYPE)
@Retention(value=RUNTIME)
@Documented
@Import(value=ResourceServerConfiguration.class)
public @interface EnableResourceServer

Convenient annotation for OAuth2 Resource Servers, enabling a Spring Security filter that authenticates requests via an incoming OAuth2 token. Users should add this annotation and provide a @Bean of type ResourceServerConfigurer (e.g. via ResourceServerConfigurerAdapter) that specifies the details of the resource (URL paths and resource id). In order to use this filter you must @EnableWebSecurity somewhere in your application, either in the same place as you use this annotation, or somewhere else.

The annotation creates a WebSecurityConfigurerAdapter with a hard-coded Order (of 3). It's not possible to change the order right now owing to technical limitations in Spring, so you must avoid using order=3 in other WebSecurityConfigurerAdapters in your application (Spring Security will let you know if you forget).

Author:

Dave Syer