zoukankan      html  css  js  c++  java

  • Spring Cloud(6.3):搭建OAuth2 Resource Server

    配置web.xml

    添加spring-cloud-starter-security,spring-security-oauth2-autoconfigure2个依赖。

    <!-- Spring cloud starter: Security -->
<!-- Include: web, actuator, security, zuul, etc. -->
<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-security</artifactId>
</dependency>
<!-- Spring Security OAuth2 Autoconfigure (optional in spring-cloud-security after 2.1) -->
<dependency>
    <groupId>org.springframework.security.oauth.boot</groupId>
    <artifactId>spring-security-oauth2-autoconfigure</artifactId>
</dependency>

    此外,它还是一个Eureka Client和Config Client,如何配置Eureka Client和Config Client请看前面章节。

    配置Application

    添加@EnableResourceServer注解,声明为OAuth2 Resource Server。

    @SpringBootApplication
@EnableResourceServer // Enable OAuth2 Resource Server
public class ResourceServerApplication {
    public static void main(String[] args) {
        SpringApplication.run(ResourceServerApplication.class, args);
    }
}

    配置Configer及参数

    ResourceServerConfigurer.java

    package com.mytools.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

@Configuration
public class ResourceServerConfigurer extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {
        //@formatter:off
        http.authorizeRequests()
                .antMatchers("/structure-search/**", "/data-search/**").hasAnyRole("SQL_USER")
                .anyRequest().authenticated();
        //@formatter:on
    }
}

    application.yml

    ## Security info
security:
  oauth2:
    resource:
      # 定义一个回调URL调用Authorization Server来查看令牌是否有效
      # use zuul to replace 'http://server-auth/server-auth/user'
      userInfoUri: http://localhost:10020/server-zuul/s3/server-auth/user
  • 相关阅读:
    最短路最基本算法———Floyd算法
    最短路最基本算法———Floyd算法
    浅谈最基础的三种背包问题
    浅谈最基础的三种背包问题
    Java中的反射机制Reflection
    Linux下抓包命令tcpdump的使用
    SSRF(服务端请求伪造)漏洞
    Cookie、Session和Token认证
    使用BurpSuite抓取HTTPS网站的数据包
    堆、栈和队列的区别
  • 原文地址:https://www.cnblogs.com/storml/p/11246113.html
Copyright © 2011-2022 走看看