-1
我們使用OAuth [LDAP /社交登錄]在Spring引導下開發了SSO應用程序。應用程序有一些公共頁面和一些受保護的頁面要求是我們希望基於經過驗證的用戶在公共頁面上顯示一些內容。一旦我們在一個應用程序中登錄並訪問其他應用程序的公共頁面,則用戶主體在公共頁面上不可用,除非我們訪問同一應用程序的受保護頁面之一。任何建議/樣本來實現這一點,在這裏會有所幫助。以下是我的資源服務器代碼。如何在公共頁面上使用permitAll()共享彈簧安全OAuth2
public class SocialApplication extends WebSecurityConfigurerAdapter {
@Autowired
CustomLdapAuthoritiesPopulator ldapAuthoritiesPopulator;
@Autowired
CustomLogoutSuccessHandler customLogoutSuccessHandler;
@RequestMapping({ "/user", "/me" })
public Map<String, String> user(Principal principal) {
Map<String, String> map = new LinkedHashMap<>();
map.put("name", principal.getName());
return map;
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/page1Prv");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**").authorizeRequests().antMatchers("/login", "/index**", "/webjars/**").permitAll()
.anyRequest().authenticated().and().authorizeRequests().anyRequest().fullyAuthenticated().and()
.formLogin().loginPage("/login").defaultSuccessUrl("/").and().logout()
.logoutSuccessHandler(customLogoutSuccessHandler).permitAll().and().csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()
.addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
//.userDetailsService(userDetailsService);
http.httpBasic().and().authorizeRequests().anyRequest().authenticated().and().csrf().disable();
}
@Override
protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
authenticationManagerBuilder.ldapAuthentication()
.contextSource()
.url("ldap://localhost:10389/dc=example,dc=com").managerDn("uid=admin,ou=system")
.managerPassword("secret").and()
.ldapAuthoritiesPopulator(ldapAuthoritiesPopulator)
.userSearchBase("ou=users").userSearchFilter("(cn={0})");
}
@Configuration
@EnableResourceServer
protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http.antMatcher("/me").authorizeRequests().anyRequest().authenticated();
}
}
public static void main(String[] args) {
SpringApplication.run(SocialApplication.class, args);
}
}