上一篇:【SpringBoot攻略十四、spring security oauth2服务端(client_credentials客户端模式)】
基于【SpringBoot攻略十三、spring security oauth2服务端(password密码模式)】
做如下修改:
1、WebSecurityConfig
添加
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.requestMatchers().antMatchers("/oauth/**", "/login/**", "/logout/**")
.and()
.authorizeRequests()
// 授权码模式必须要对/oauth/**认证
.antMatchers("/oauth/**").authenticated()
.and()
.formLogin()
//.loginPage("/login.jsp") // 自定义登录页
.permitAll()
.and()
.csrf().disable();
}
2、OAuth2ResourceServerConfig
修改
@Override
public void configure(HttpSecurity http) throws Exception {