SSO Client
准备:
使用maven构建项目,导入1.5.4SpringBoot父jar包
parent
groupIdorg.springframework.boot/groupId
artifactIdspring-boot-starter-parent/artifactId
version1.5.4.RELEASE/version
relativePath/
/parent
导入所必须的springboot集成security的jar包spring-boot-starter-security以及它的依赖包spring-security-jwt
groupIdorg.springframework.boot/groupId
artifactIdspring-boot-starter-security/artifactId
groupIdorg.springframework.security/groupId
artifactIdspring-security-jwt/artifactId
基于OAuth认证,导入
groupIdorg.springframework.security.oauth/groupId
artifactIdspring-security-oauth5/artifactId
由于是web项目继续导入spring-boot-starter-web
groupIdorg.springframework.boot/groupId
artifactIdspring-boot-starter-web/artifactId
页面显示模版使用springBoot官方推荐的thymeleaf 导入spring-boot-starter-thymeleaf
配置:
配置springBoot启动yml文件,设置SSO认证必要参数
#配置服务地址 及登出地址
myOAthConfig:
hostUrl: http://localhost:5678
logoutUrl: ${myOAthConfig.hostUrl}/logout
security:
oauth5:
sso:
login-path: /login
client:
client-id: acme
client-secret: acmesecret
access-token-uri: ${myOAthConfig.hostUrl}/oauth/token
user-authorization-uri: ${myOAthConfig.hostUrl}/oauth/authorize
client-authentication-scheme: form
resource:
jwt:
key-uri: ${myOAthConfig.hostUrl}/oauth/token_key
添加本地安全策略:
新建SecurityConfiguration继承WebSecurityConfigurerAdapter添加@Configuration上下文配置spring容器 @EnableOAuth5Sso开启OAuth认证SSO
重写configure(HttpSecurity http)方法,配置该客户端访问安全策略
首先开启SSO服务器,再开启Client 否则会报错
