为网友们分享了相关的编程文章,网友向欣愉根据主题投稿了本篇教程内容,涉及到Spring、Cloud、单点登录、详解基于Spring Cloud几行配置完成单点登录开发相关内容,已被548网友关注,涉猎到的知识点内容可以在下方电子书获得。
详解基于Spring Cloud几行配置完成单点登录开发
单点登录概念
单点登录(Single Sign On),简称为 SSO,是目前比较流行的企业业务整合的解决方案之一。SSO的定义是在多个应用系统中,用户只需要登录一次就可以访问所有相互信任的应用系统。登录逻辑如上图
基于Spring 全家桶的实现
技术选型:
- Spring Boot
- Spring Cloud
- Spring Security oAuth2
客户端:
maven依赖
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency> <groupId>org.springframework.security.oauth</groupId> <artifactId>spring-security-oauth2</artifactId> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-jwt</artifactId> </dependency>
EnableOAuth2Sso 注解
入口类配置@@EnableOAuth2Sso
@SpringBootApplication public class PigSsoClientDemoApplication { public static void main(String[] args) { SpringApplication.run(PigSsoClientDemoApplication.class, args); } }
配置文件
security: oauth2: client: client-id: pig client-secret: pig user-authorization-uri: http://localhost:3000/oauth/authorize access-token-uri: http://localhost:3000/oauth/token scope: server resource: jwt: key-uri: http://localhost:3000/oauth/token_key sessions: never
SSO认证服务器
认证服务器配置
@Configuration @Order(Integer.MIN_VALUE) @EnableAuthorizationServer public class PigAuthorizationConfig extends AuthorizationServerConfigurerAdapter { @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() .withClient(authServerConfig.getClientId()) .secret(authServerConfig.getClientSecret()) .authorizedGrantTypes(SecurityConstants.REFRESH_TOKEN, SecurityConstants.PASSWORD,SecurityConstants.AUTHORIZATION_CODE) .scopes(authServerConfig.getScope()); } @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) { endpoints .tokenStore(new RedisTokenStore(redisConnectionFactory)) .accessTokenConverter(jwtAccessTokenConverter()) .authenticationManager(authenticationManager) .exceptionTranslator(pigWebResponseExceptionTranslator) .reuseRefreshTokens(false) .userDetailsService(userDetailsService); } @Override public void configure(AuthorizationServerSecurityConfigurer security) throws Exception { security .allowFormAuthenticationForClients() .tokenKeyAccess("isAuthenticated()") .checkTokenAccess("permitAll()"); } @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } @Bean public JwtAccessTokenConverter jwtAccessTokenConverter() { JwtAccessTokenConverter jwtAccessTokenConverter = new JwtAccessTokenConverter(); jwtAccessTokenConverter.setSigningKey(CommonConstant.SIGN_KEY); return jwtAccessTokenConverter; } }
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持码农之家。