网上有很多该系列的教程,但是很多都是 spring boot 1.x,很少看见关于 spring boot 2.0 的。本人是打算做个 spring cloud 的 web 程序,这个整合我就是放在 zuul 上,类似于做了个网关的鉴权吧。
国际通用案例 上jar包依赖
<!-- Inherit plugin and dependency management from the Spring Boot starter parent. -->
<!-- NOTE(review): 2.0.4.RELEASE belongs to the 2.0.x line, which upstream no longer maintains;
     confirm the version you actually build against still receives security fixes. -->
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.0.4.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<!-- Build settings and pinned versions referenced from the dependency declarations. -->
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
<spring.druid.version>1.1.10</spring.druid.version>
<spring.mybatis.version>1.3.2</spring.mybatis.version>
<mapper.spring.version>2.0.4</mapper.spring.version>
<pagehelper.spring.version>1.2.6</pagehelper.spring.version>
<!-- The property name is spelled "verson"; the jjwt dependency references it with the same
     spelling, so rename both together or the version will fail to resolve. -->
<jwt.verson>0.9.0</jwt.verson>
</properties>
<!-- Security / authentication related dependencies. -->
<!-- No version is given for the next four artifacts; presumably they are managed by a
     Spring Boot / Spring Cloud BOM that this excerpt does not show (verify in the full POM). -->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-security</artifactId>
</dependency>
<!-- NOTE(review): spring-security-oauth2 and spring-security-jwt come from the legacy
     Spring Security OAuth project, which upstream has declared end-of-life. Check whether the
     resolved versions still receive security fixes; new work should prefer the OAuth2 support
     built into Spring Security itself. -->
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
</dependency>
<!-- JWT parsing. -->
<!-- NOTE(review): the pinned jjwt release is an old single-jar build; when parsing tokens make
     sure the signature is verified with an explicitly configured key, and review the version
     against the library's current releases. -->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>${jwt.verson}</version>
</dependency>
我们首先要写登录逻辑
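/**
 * Demo {@link UserDetailsService} backing the form login.
 *
 * <p>As written this is a tutorial stub, not a real credential check: no user store is consulted,
 * so every non-blank user name is returned with the same fixed password and with both
 * {@code ROLE_ADMIN} and {@code ROLE_USER}. Replace {@link #buildUser(String)} with a real lookup
 * (stored hash, account status, per-user authorities) before using this outside a demo.
 */
@Component
@Slf4j
public class AppUserDetailsService implements UserDetailsService {

    @Autowired
    private PasswordEncoder passwordEncoder;

    /**
     * Form login entry point: resolves the submitted user name to a {@link UserDetails}.
     *
     * @param userName the user name submitted with the login request
     * @return the user details the authentication provider compares the submitted password against
     * @throws UsernameNotFoundException if {@code userName} is {@code null} or blank
     */
    @Override
    public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException {
        // Reject empty names with the exception type the contract declares, instead of letting
        // the User constructor fail with an IllegalArgumentException further down.
        if (userName == null || userName.trim().isEmpty()) {
            throw new UsernameNotFoundException("User name must not be empty");
        }
        return buildUser(userName);
    }

    /**
     * Builds the {@link UserDetails} for {@code userId}.
     *
     * <p>The user must hold {@code ROLE_USER} to log in to the service provider.
     *
     * @param userId the user name being authenticated
     * @return an enabled, non-expired, non-locked user with ROLE_ADMIN and ROLE_USER
     */
    private UserDetails buildUser(String userId) {
        // Look the user up by name here; the real login logic belongs in this spot,
        // e.g. XXXXservice.findUser(String user).
        // Then use the loaded record to decide whether the account is frozen.

        // SECURITY: demo placeholder. A fixed password is encoded on every call instead of
        // loading the stored hash, so any user name authenticates with the same password.
        String password = passwordEncoder.encode("123456");

        // The password hash is deliberately not logged: hashes in log files can be collected
        // and attacked offline. The user name is untrusted input and is kept out of the log too.
        log.info("Built user details for a login request");

        // SECURITY: ROLE_ADMIN is granted unconditionally here; derive authorities from the
        // user record in a real implementation. The four flags are, in order: enabled,
        // accountNonExpired, credentialsNonExpired, accountNonLocked.
        return new User(userId, password,
                true, true, true, true,
                AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_ADMIN,ROLE_USER"));
    }
}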
配置我们的资源服务器@EnableResourceServer
@Configuration
@EnableResourceServer
public class AppWebSecurityConfigurerAdapter extends ResourceServerConfigurerAdapter {
private final AppSecurityExpressionHandler appSecurityExpressionHandler;
private final ZuulProperties zuulProperties;
private final AuthenticationSuccessHandler appAuthenticationSuccessHandler;
private final AuthenticationFailureHandler appAuthenticationFailureHandler;
private final AccessDeniedHandler appAccessDeniedHandler;
public AppWebSecurityConfigurerAdapter(AppSecurityExpressionHandler appSecurityExpressionHandler, ZuulProperties zuulProperties, AuthenticationSuccessHandler appAuthenticationSuccessHandler, AuthenticationFailureHandler appAuthenticationFailureHandler, AccessDeniedHandler appAccessDeniedHandler) {
this.app