zoukankan      html  css  js  c++  java
  • Spring Cloud(6.3):搭建OAuth2 Resource Server

    配置web.xml

    添加spring-cloud-starter-security,spring-security-oauth2-autoconfigure2个依赖。

    <!-- Spring cloud starter: Security -->
    <!-- Include: web, actuator, security, zuul, etc. -->
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-security</artifactId>
    </dependency>
    <!-- Spring Security OAuth2 Autoconfigure (optional in spring-cloud-security after 2.1) -->
    <dependency>
        <groupId>org.springframework.security.oauth.boot</groupId>
        <artifactId>spring-security-oauth2-autoconfigure</artifactId>
    </dependency>

    此外,它还是一个Eureka Client和Config Client,如何配置Eureka Client和Config Client请看前面章节。

    配置Application

    添加@EnableResourceServer注解,声明为OAuth2 Resource Server。

    @SpringBootApplication
    @EnableResourceServer // Enable OAuth2 Resource Server
    public class ResourceServerApplication {
        public static void main(String[] args) {
            SpringApplication.run(ResourceServerApplication.class, args);
        }
    }

    配置Configer及参数

    ResourceServerConfigurer.java

    package com.mytools.config;
    
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
    
    @Configuration
    public class ResourceServerConfigurer extends ResourceServerConfigurerAdapter {
    
        @Override
        public void configure(HttpSecurity http) throws Exception {
            //@formatter:off
            http.authorizeRequests()
                    .antMatchers("/structure-search/**", "/data-search/**").hasAnyRole("SQL_USER")
                    .anyRequest().authenticated();
            //@formatter:on
        }
    }

    application.yml

    ## Security info
    security:
      oauth2:
        resource:
          # 定义一个回调URL调用Authorization Server来查看令牌是否有效
          # use zuul to replace 'http://server-auth/server-auth/user'
          userInfoUri: http://localhost:10020/server-zuul/s3/server-auth/user
  • 相关阅读:
    leetcode算法题(JavaScript实现)
    使用git submodule管理一个需要多个分立开发或者第三方repo的项目
    linux下从源代码安装git
    git项目实战常用workflow和命令
    如何在linux console中显示当前你在的branch?
    git plumbing 更加底层命令解析-深入理解GIT
    如何直接在github网站上更新你fork的repo?
    git remotes
    git和其他版本控制系统的区别
    Git server安装和配置
  • 原文地址:https://www.cnblogs.com/storml/p/11246113.html
Copyright © 2011-2022 走看看