The OAuth2 client uses multiple instances,The OAuth2 Authentication Server uses one instances
I use nginx for forwarding,and then one step is authorization code certification, carrying the state parameters to Authentication Server , he would pass DefaultOAuth2ClientContext stored in the memory map, but you know nginx is polling, such as the first state is stored in the first machine, at the time of taking polling to the second machine, When the state parameter is not found, an exception is reported:
"Possible CSRF detected - state parameter was required but no state could be found"
how can we change the "state "persistence in redis?
Summary
Actual Behavior
Expected Behavior
Successfully complete authentication in cluster mode。
929404097
commented
3 years ago
The OAuth2 client uses multiple instances,The OAuth2 Authentication Server uses one instances I use nginx for forwarding,and then one step is authorization code certification, carrying the state parameters to Authentication Server , he would pass DefaultOAuth2ClientContext stored in the memory map, but you know nginx is polling, such as the first state is stored in the first machine, at the time of taking polling to the second machine, When the state parameter is not found, an exception is reported: "Possible CSRF detected - state parameter was required but no state could be found" how can we change the "state "persistence in redis?
Summary
Actual Behavior
Expected Behavior
Successfully complete authentication in cluster mode。
Configuration
Version
spring-security-oauth2-2.3.4.RELEASE
Sample