CustomUserDetails is not in the allowlist #1221
Assignees
Labels
status: duplicate
A duplicate of another issue
Comments
|
Closing this as a duplicate. See this comment for details. |
jgrandja
added
status: duplicate
|
I have also encountered this issue, with so many questions about Jackson2. The official should provide an example of Jackson2 on how to deserialize using UserDetails |
|
Then how to use custom user details. I think for non-demo project, this is a must. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Describe the bug
When I user CustomUserDetails in Spring-Authorization-Server. JdbcOAuth2AuthorizationService$OAuth2AuthorizationRowMapper.parseMap()
throws IllegalArgumentException with Class CustomUserDetails is not in the allowlist. If you believe this class is safe to deserialize, please provide an explicit mapping using Jackson annotations or by providing a Mixin. If the serialization is only done by a trusted source, you can also enable default typing. See spring-projects/spring-security#4370 for details.
To Reproduce
use CustomUserDetails instead of InMemoryUserDetails in authorization-server
The text was updated successfully, but these errors were encountered: