SSO Client
准备:
使用maven构建项目,导入1.5.4SpringBoot父jar包
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.4.RELEASE</version>
<relativePath/>
</parent>
导入所必须的springboot集成security的jar包spring-boot-starter-security以及它的依赖包spring-security-jwt
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
基于OAuth认证,导入
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
由于是web项目继续导入spring-boot-starter-web
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
页面显示模版使用springBoot官方推荐的thymeleaf 导入spring-boot-starter-thymeleaf
配置:
配置springBoot启动yml文件,设置SSO认证必要参数
#配置服务地址 及登出地址
myOAthConfig:
hostUrl: http://localhost:5678
logoutUrl: ${myOAthConfig.hostUrl}/logout
security:
oauth2:
sso:
login-path: /login
client:
client-id: acme
client-secret: acmesecret
access-token-uri: ${myOAthConfig.hostUrl}/oauth/token
user-authorization-uri: ${myOAthConfig.hostUrl}/oauth/authorize
client-authentication-scheme: form
resource:
jwt:
key-uri: ${myOAthConfig.hostUrl}/oauth/token_key
添加本地安全策略:
新建SecurityConfiguration继承WebSecurityConfigurerAdapter添加@Configuration上下文配置spring容器 @EnableOAuth2Sso开启OAuth认证SSO
重写configure(HttpSecurity http)方法,配置该客户端访问安全策略
首先开启SSO服务器,再开启Client 否则会报错