2016-10-05 188 views

我已經使用 XML 配置和 OAuth2 身份驗證實現了 Spring Security,在使用硬編碼值和 XML 配置時運作正常。但我需要改用 Java 來配置;大部分已經配置好了,只是對其中某些部分感到困惑。這些部分該如何用 Java 實現?(主題:Spring Security 資源服務器配置)

XML配置是,

<!-- Client registry for the OAuth2 authorization server; it is referenced below
     through client-details-service-ref="clientDetails". -->
<!-- NOTE(review): both <oauth:client> entries use client-id="restapp". Which of the
     two definitions is effective cannot be told from this snippet; give each client
     a distinct id so the granted flows and scopes are unambiguous. -->
<!-- NOTE(review): the secrets are literal values in the configuration file
     ("secret", and "restapp" which equals the client id). Treat them as samples and
     supply real secrets from outside the file. -->
<oauth:client-details-service id="clientDetails"> 
    <!-- client --> 
    <!-- First definition: authorization_code and client_credentials grants,
         scopes read/write/trust, authority ROLE_APP. -->
    <oauth:client client-id="restapp" 
     authorized-grant-types="authorization_code,client_credentials" 
     authorities="ROLE_APP" scope="read,write,trust" secret="secret" /> 

    <!-- Second definition: adds the password, refresh_token and implicit grants and
         declares no scope attribute, so tokens for it are not limited to a scope
         list here. TODO confirm that is intended. -->
    <oauth:client client-id="restapp" 
     authorized-grant-types="password,authorization_code,refresh_token,implicit" 
     secret="restapp" authorities="ROLE_APP" /> 

</oauth:client-details-service> 



<!-- Enables the pre/post method-security annotations and class-based proxies
     (proxy-target-class="true"), and makes method-level expressions use the OAuth
     expression handler declared below. -->
<sec:global-method-security 
    pre-post-annotations="enabled" proxy-target-class="true"> 
    <!--you could also wire in the expression handler up at the layer of the 
     http filters. See https://jira.springsource.org/browse/SEC-1452 --> 
    <sec:expression-handler ref="oauthExpressionHandler" /> 
</sec:global-method-security> 

<!-- Handler for method-security expressions (referenced above). -->
<oauth:expression-handler id="oauthExpressionHandler" /> 
<!-- Handler for web (URL-level) expressions. Nothing in this snippet references it;
     presumably an http element elsewhere does. TODO confirm. -->
<oauth:web-expression-handler id="oauthWebExpressionHandler" /> 



<!-- Authorization server with all five grant flows switched on at server level:
     authorization code, implicit, refresh token, client credentials and password.
     What a given client may actually use is further limited by its own
     authorized-grant-types. -->
<!-- NOTE(review): the tokenServices and userApprovalHandler beans are referenced
     here but not defined in this snippet. -->
<oauth:authorization-server 
    client-details-service-ref="clientDetails" token-services-ref="tokenServices" 
    user-approval-handler-ref="userApprovalHandler"> 
    <oauth:authorization-code /> 
    <oauth:implicit /> 
    <oauth:refresh-token /> 
    <oauth:client-credentials /> 
    <oauth:password /> 
</oauth:authorization-server> 

<!-- Resource-server filter that validates access tokens with the same tokenServices
     bean and identifies this API as resource "test". -->
<!-- NOTE(review): none of the clients shown declares resource-ids, so whether their
     tokens are tied to resource "test" cannot be seen here. Verify. -->
<oauth:resource-server id="resourceServerFilter" 
    resource-id="test" token-services-ref="tokenServices" /> 

<!-- NOTE(review): this element repeats, with the same id, the clientDetails
     declaration shown earlier in the listing. It looks like a paste duplicate;
     keep a single declaration in the real configuration file. -->
<!-- NOTE(review): as in the first copy, both clients share client-id="restapp" and
     carry literal secrets. Use distinct ids and externally supplied secrets. -->
<oauth:client-details-service id="clientDetails"> 
    <!-- client --> 
    <oauth:client client-id="restapp" 
     authorized-grant-types="authorization_code,client_credentials" 
     authorities="ROLE_APP" scope="read,write,trust" secret="secret" /> 

    <!-- This definition enables the password and implicit grants and declares no
         scope attribute. -->
    <oauth:client client-id="restapp" 
     authorized-grant-types="password,authorization_code,refresh_token,implicit" 
     secret="restapp" authorities="ROLE_APP" /> 

</oauth:client-details-service> 

回答


這樣配置如何?

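/**
 * Java-config version of an OAuth2 setup: method security with OAuth2 expressions,
 * an authorization server with one in-memory client, in-memory users, and a form-login
 * filter chain for the login and authorization pages.
 *
 * <p>The nested configuration classes are declared {@code static}: Spring's
 * {@code @Configuration} contract requires nested configuration classes to be static so
 * they can be instantiated without an enclosing {@code SecurityConfiguration} instance.
 *
 * <p>NOTE(review): every credential in this class (client secret, user passwords) is a
 * literal sample value. Supply real values from external configuration and store user
 * passwords encoded.
 */
@Configuration
public class SecurityConfiguration {

    /**
     * Enables the resource server and pre/post method-security annotations, and makes
     * method-level expressions use the OAuth2 expression handler.
     *
     * <p>NOTE(review): no resource id is configured here, so the framework default
     * applies rather than a project-specific id. Confirm that this matches the
     * resource ids the clients are registered with.
     */
    @Configuration
    @EnableResourceServer
    @EnableGlobalMethodSecurity(prePostEnabled = true, proxyTargetClass = true)
    public static class OAuth2ResourceServerConfig extends GlobalMethodSecurityConfiguration {

        /**
         * Supplies the expression handler used for method-security annotations.
         *
         * @return a new OAuth2-aware method-security expression handler
         */
        @Override
        protected MethodSecurityExpressionHandler createExpressionHandler() {
            return new OAuth2MethodSecurityExpressionHandler();
        }
    }

    /**
     * Authorization-server configuration: endpoints, client registry and the access
     * rules of the token-key and check-token endpoints.
     */
    @Configuration
    @EnableAuthorizationServer
    public static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

        @Autowired
        private AuthenticationManager authenticationManager;

        /**
         * Hands the application's authentication manager to the token endpoints.
         *
         * @param endpoints endpoint configurer supplied by the framework
         * @throws Exception if the configurer rejects the setting
         */
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            endpoints.authenticationManager(authenticationManager);
        }

        /**
         * Registers a single in-memory client, {@code restapp}.
         *
         * <p>The client is allowed the authorization_code, client_credentials,
         * refresh_token and implicit grants; the password grant is not in the list.
         *
         * @param clients client-details configurer supplied by the framework
         * @throws Exception if the client definition is rejected
         */
        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients.inMemory()
                .withClient("restapp")
                // NOTE(review): literal sample secret; load the real one from
                // external configuration instead of source code.
                .secret("secret")
                .scopes("read", "write", "trust")
                .authorities("ROLE_APP")
                .authorizedGrantTypes("authorization_code", "client_credentials", "refresh_token", "implicit");
        }

        /**
         * Sets the access rules for the token-key and check-token endpoints.
         *
         * @param security security configurer supplied by the framework
         * @throws Exception if an access expression is rejected
         */
        @Override
        public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
            security
                // Anyone may fetch the token verification key. That is only appropriate
                // when the key is a public key; with a shared symmetric signing key this
                // rule must be tightened.
                .tokenKeyAccess("permitAll()")
                // Token introspection requires an authenticated caller.
                .checkTokenAccess("isAuthenticated()");
        }
    }

    /**
     * Global authentication setup with two in-memory users.
     */
    @Configuration
    public static class AuthenticationConfiguration extends GlobalAuthenticationConfigurerAdapter {

        /**
         * Registers the users {@code user} (role USER) and {@code admin} (role ADMIN).
         *
         * <p>NOTE(review): each password equals its user name and is kept in plain
         * text; these are sample accounts. Replace them with a real user store and
         * encoded passwords.
         *
         * @param auth authentication-manager builder supplied by the framework
         * @throws Exception if the user definitions are rejected
         */
        @Override
        public void init(AuthenticationManagerBuilder auth) throws Exception {
            auth.inMemoryAuthentication()
                .withUser("user").password("user").roles("USER")
                .and()
                .withUser("admin").password("admin").roles("ADMIN");
        }
    }

    /**
     * Form-login filter chain for the interactive pages of the authorization flow.
     */
    @Configuration
    public static class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {

        /**
         * Limits this chain to the root, login, authorize and confirm-access paths,
         * serves the login page to everyone and requires authentication for every other
         * request the chain handles.
         *
         * @param http HTTP security builder supplied by the framework
         * @throws Exception if the builder rejects the configuration
         */
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                .formLogin().loginPage("/login").permitAll()
                .and()
                // Only these paths are matched by this chain; other URLs are left to
                // whichever chain matches them.
                .requestMatchers()
                .antMatchers("/", "/login", "/oauth/authorize", "/oauth/confirm_access")
                .and()
                .authorizeRequests()
                .anyRequest().authenticated();
        }
    }
}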

但@EnableResourceServer顯示錯誤 – jicks


你可以在github上分享你的項目嗎? – bilak


我可以在這裏分享我的全部安全配置嗎? – jicks