带有表单登录的 Spring Security OAuth 2 [英] Spring Security OAuth 2 with form login
问题描述
我正在尝试将 Spring Boot 应用程序配置为使用表单登录,并使用 OAuth 2 授权服务器验证凭据(将凭据从表单登录发送到用户授权 URL.
I'm trying to configure my Spring boot application to use a form login, and to verify the credentials using an OAuth 2 authorization server (sending the credentials from the form login to the user authorization URL.
但是,当我使用以下 SecurityConfig
并访问资源时,而不是使用表单登录,它会重定向到授权服务器,询问我的凭据(使用基本身份验证)和然后重定向回应用程序本身.
However, when I'm using the following SecurityConfig
and I go to a resource, rather than using a form login it redirects to the authorization server, asking for my credentials (using basic authentication) and then redirects back to the application itself.
我正在使用以下 SecurityConfig
:
@Configuration
@EnableOAuth2Sso
public class SecurityConfig extends OAuth2SsoConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http
.logout()
.and()
.antMatcher("/**")
.authorizeRequests()
.anyRequest().authenticated()
.and()
.csrf()
.csrfTokenRepository(csrfTokenRepository()).and()
.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
.formLogin();
}
// CSRF repository + filter
}
我正在为 configure()
方法提供 formLogin()
,但这似乎不起作用.
I am providing the formLogin()
to the configure()
method, but this doesn't seem to work.
以下配置在我的application.yml
文件中:
The following configuration is in my application.yml
file:
spring:
oauth2:
client:
clientId: test
clientSecret: secret
accessTokenUri: http://localhost:8081/uaa/oauth/token
userAuthorizationUri: http://localhost:8081/uaa/oauth/authorize
clientAuthenticationScheme: header
resource:
userInfoUri: http://localhost:8081/uaa/user
这个配置确实有效,因为在重定向后我获得了授权,但它不是我希望它工作的方式(使用表单登录而不是重定向到 OAuth2 授权服务器).
This configuration does work, because after the redirect I am getting authorized, but it's not in the way I would like it to work (with a form login in stead of a redirect to the OAuth2 Authorization server).
推荐答案
使用 SSO 的重点是用户通过身份验证服务器(在您的情况下为 localhost:8081)进行身份验证.如果您想要表单登录,则需要在此处实现它,而不是在客户端应用中.
With SSO the whole point is that the user authenticates with the auth server (localhost:8081 in your case). If you want a form login, that's where you need to implement it, not in the client app.
这篇关于带有表单登录的 Spring Security OAuth 2的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!