Spring Security OAuth

Deprecation Notice

The Spring Security OAuth project is deprecated. The latest OAuth 2.0 support is provided by Spring Security. See the OAuth 2.0 Migration Guide for further details.

Spring Security OAuth provides support for using Spring Security with OAuth (1a) and OAuth2 using standard Spring and Spring Security programming models and configuration idioms.

Features

Support for OAuth providers and OAuth consumers
Oauth 1(a) (including two-legged OAuth, a.k.a. "Signed Fetch")
OAuth 2.0

Applying security to an application is not for the faint of heart, and OAuth is no exception. Before you get started, you’re going to want to make sure you understand OAuth and the problem it’s designed to address. There is good documentation at the OAuth site. You will also want to make sure you understand how Spring and Spring Security work.

You’re going to want to be quite familiar with both OAuth (and/or OAuth2) and Spring Security, to maximize the effectiveness of this developers guide. OAuth for Spring Security is tightly tied to both technologies, so the more familiar you are with them, the more likely you’ll be to recognize the terminology and patterns that are used.

Quick start

Bootstrap your application with Spring Initializr.

Documentation

Each Spring project has its own; it explains in great details how you can use project features and what you can achieve with them.

2.4.1 SNAPSHOT	Reference Doc.	API Doc.
2.4.0 GA	Reference Doc.	API Doc.
2.3.9 SNAPSHOT	Reference Doc.	API Doc.
2.3.8 GA	Reference Doc.	API Doc.