zoukankan      html  css  js  c++  java
  • spring security

    判断是否有权限访问请求路径

    FilterSecurityInterceptor.doFilter -- >AccessDecisionManager.decide()(实现类AffirmativeBased) 抛出异常AccessDeniedException -->ExceptionTranslationFilter -->AuthenticationEntryPoint-->RedirectStrategy

    AuthenticationEntryPoint在系统启动时完成初始化

    RedirectStrategy跳转到http://localhost:9003/oauth2/authorization/keycloak oauth2入口

    oauth2登录

    OAuth2AuthorizationRequestRedirectFilter --> RedirectStrategy(DefaultRedirectStrategy)

    RedirectStrategy跳转到

    http://127.0.0.1:8080/auth/realms/gd/protocol/openid-connect/auth?response_type=code&client_id=appname&scope=openid address email microprofile-jwt offline_access phone profile roles web-origins&state=kOyEKvdVvbdzBxZOb4J2Gs60T2BwejLILkj7Advsym4=&redirect_uri=http://127.0.0.1:9527/login/oauth2/code/keycloak&nonce=l1C-05KZfPcsQis4nPxGXIjC4zBXBivrCtZW8GsEXrY

    keycloak登录后跳转到

    http://127.0.0.1:9527/login/oauth2/code/keycloak?state=kOyEKvdVvbdzBxZOb4J2Gs60T2BwejLILkj7Advsym4=&session_state=883d0c79-15e3-49ae-9946-a598dc0af316&code=0fe070bb-0e8a-4c60-abfa-f985fb563c86.883d0c79-15e3-49ae-9946-a598dc0af316.17e4b437-1dff-477e-a36c-0772554440e4

    OAuth2LoginAuthenticationFilter   -->  SimpleUrlAuthenticationSuccessHandler(可自定义)-->响应中带有token

    客户端取响应中的token和roles,带着token去访问后台资源

  • 相关阅读:
    Opencv之像素值的获取
    亚像素级角点检测
    Shi-Tomasi角点检测
    卡尔曼滤波
    Harris角点检测理论
    ROS2GO 与WIN10 双系统安装
    数字集成电路物理设计学习总结——物理设计建库域验证
    跨时钟域信号传输(二)——数据信号篇
    跨时钟域信号传输(一)——控制信号篇
    亚稳态与多时钟切换
  • 原文地址:https://www.cnblogs.com/whmbky/p/15465511.html
Copyright © 2011-2022 走看看