学习使用Spring Cloud 微服务间的调用都是RestFul风格,如何保证调用之间的安全性,这是一个很重要的问题。
通过查阅资料http://wiselyman.iteye.com/blog/2379419 查看了github上提供的例子https://github.com/wiselyman/uaa-zuul
1.引入
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>
2.添加配置类
package com.rraj.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import javax.servlet.http.HttpServletResponse;
/**
* Created by hqm
*/
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.exceptionHandling()
.authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED))
.and()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic();
}
}
3启动的Application中添加注解
@EnableGlobalMethodSecurity(prePostEnabled = true)
4.application.properties中添加
#安全认证
security.oauth2.resource.id=feign-consumer
security.oauth2.resource.user-info-uri=http://localhost:8702
security.oauth2.resource.prefer-token-info=false
以上几步可以完成服务之间调用的安全性,欢迎指正错误的问题和评论