如何通过Spring-boot 1.3.0.RC1为oauth2提供自定义安全配置 [英] How to provide custom security configuration for oauth2 with spring-boot 1.3.0.RC1
问题描述
在spring-cloud Angel.SR3版本中,我遵循了 https://github.com/中的示例spring-cloud-samples/sso ,并且在spring-boot 1.2.6.RELEASE中一切正常.
With spring-cloud Angel.SR3 release I followed example in https://github.com/spring-cloud-samples/sso and things work fine with spring-boot 1.2.6.RELEASE.
但是在spring-boot 1.3.0.RC1中,oauth2内容已移入spring-boot本身,并且以下代码无法编译,因为类 OAuth2SsoConfigurerAdapter 不再存在.
However with spring-boot 1.3.0.RC1, the oauth2 stuff has moved into spring-boot itself, and the code below fails to compile because class OAuth2SsoConfigurerAdapter no longer exists.
创建等效配置的仅Spring Boot方式是什么?
What is the spring-boot only way to create equivalent configuration?
public static void main(String[] args) {
SpringApplication.run(MainAppApplication.class, args);
}
...
@Component
public static class LoginConfigurer extends OAuth2SsoConfigurerAdapter {
@Override
public void match(RequestMatchers matchers) {
matchers.antMatchers("/dashboard/**");
}
@Override
public void configure(HttpSecurity http) throws Exception {
http.antMatcher("/dashboard/**").authorizeRequests().anyRequest()
.authenticated().and().csrf()
.csrfTokenRepository(csrfTokenRepository()).and()
.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
}
private Filter csrfHeaderFilter() {
return new OncePerRequestFilter() {
...
};
}
...
}
推荐答案
您只需要使用org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
并仔细使用此注释org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso
You just have to use org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
and carefully use this annotation org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso
我写得很仔细,因为它的行为取决于您添加它的位置.如javadoc中所述:
I've written carefully because its behaviour depends on where you add it. As stated in the javadoc:
启用OAuth2单点登录(SSO).如果用户提供了一个现有的WebSecurityConfigurerAdapter并用@ EnableOAuth2Sso进行了注释,则可以通过添加身份验证筛选器和身份验证入口点来对其进行增强.如果用户只有@ EnableOAuth2Sso而不是WebSecurityConfigurerAdapter上的用户,则将添加一个具有所有路径安全且顺序使其使其在Spring Boot中默认HTTP Basic安全链之前的命令.
Enable OAuth2 Single Sign On (SSO). If there is an existing WebSecurityConfigurerAdapter provided by the user and annotated with @EnableOAuth2Sso, it is enhanced by adding an authentication filter and an authentication entry point. If the user only has @EnableOAuth2Sso but not on a WebSecurityConfigurerAdapter then one is added with all paths secured and with an order that puts it ahead of the default HTTP Basic security chain in Spring Boot.
希望有帮助!
这篇关于如何通过Spring-boot 1.3.0.RC1为oauth2提供自定义安全配置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!