Spring cloud security Oauth2 多节点集群需要修改的配置
来源:互联网 发布:水杯推荐 知乎 编辑:程序博客网 时间:2024/06/03 16:08
最近在学习Spring cloud微服务的搭建,采用Spring 的 OAuth2作为单点登录服务器,通过zuul作统一路由,所以认证服务 (Authentication Server)端可通过多实例进行集群部署,集群部署时需要对认证服务 (Authentication Server)进行如下几点配置。
1、通过redis存储AccessToken
@Configurationpublic class AuthServerConfig extends AuthorizationServerConfigurerAdapter { @Autowiredprivate AuthenticationManager authenticationManager; @Autowiredprivate RedisConnectionFactory redisConnectionFactory; @Overridepublic void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {endpoints.authenticationManager(authenticationManager).accessTokenConverter(jwtAccessTokenConverter());endpoints.tokenStore(tokenStore());}@Beanpublic TokenStore tokenStore() {return new RedisTokenStore(redisConnectionFactory);}}
2、共享Authentication code
目前spring提供了内存和数据库两种方式存储授权码Authentication code,要实现多个实例之间共享可以选在将AuthenTicationCode存储在数据中,相关配置为
@Beanpublic AuthorizationCodeServices authorizationCodeServices(){return new JdbcAuthorizationCodeServices(dataSource);} @Overridepublic void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {endpoints.authenticationManager(authenticationManager).accessTokenConverter(jwtAccessTokenConverter());endpoints.tokenStore(tokenStore());endpoints.authorizationCodeServices(authorizationCodeServices());}需要在数据库中创建表 auth_code
CREATE TABLE `oauth_code` ( `code` varchar(1024) DEFAULT NULL, `authentication` blob)我们也可以自定义AuthorizationCodeServices实现类来将auth_code 存放在redis中
public class RedisAuthenticationCodeServices extends RandomValueAuthorizationCodeServices {private static Logger log = Logger.getLogger(RedisAuthenticationCodeServices.class);private static final String AUTH_CODE_KEY = "auth_code";private RedisConnectionFactory connectionFactory;public RedisAuthenticationCodeServices(RedisConnectionFactory connectionFactory) {Assert.notNull(connectionFactory, "RedisConnectionFactory required");this.connectionFactory = connectionFactory;}@Overrideprotected OAuth2Authentication remove(String code) {RedisConnection conn = getConnection();try {OAuth2Authentication authentication = null;try {authentication = SerializationUtils.deserialize(conn.hGet(AUTH_CODE_KEY.getBytes("utf-8"), code.getBytes("utf-8")));} catch (Exception e) {return null;}if (null != authentication) {conn.hDel(AUTH_CODE_KEY.getBytes("utf-8"), code.getBytes("utf-8"));}return authentication;} catch (Exception e) {return null;} finally {conn.close();}}@Overrideprotected void store(String code, OAuth2Authentication authentication) {RedisConnection conn = getConnection();try {conn.hSet(AUTH_CODE_KEY.getBytes("utf-8"), code.getBytes("utf-8"),SerializationUtils.serialize(authentication));} catch (Exception e) {log.error("保存authentication code 失败", e);} finally {conn.close();}}private RedisConnection getConnection() {return connectionFactory.getConnection();}}
3、共享session
OAuth2服务在申请授权码时会先判断用户是否登录,如未登录则会引导到登录页面,所以我们需要在不同实例之间共享session,我么可以通过Spring的Session很容易的实现session共享。首先引入jar包,maven的配置如下
<dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-data-redis</artifactId></dependency><dependency><groupId>org.springframework.session</groupId><artifactId>spring-session</artifactId></dependency>通过@EnableRedisHttpSession注解开启session共享。
阅读全文
0 0
- Spring cloud security Oauth2 多节点集群需要修改的配置
- spring security oauth2配置
- Spring security oauth2最简单入门环境搭建--二、干货 博客分类: OAuth2 spring security oauth入门配置oauth2教程 关于OAuth2的一些简介
- 使用Spring Cloud Security OAuth2搭建授权服务
- 使用Spring Cloud Security OAuth2搭建授权服务
- 利用curl模拟 移动端 接入 spring cloud security OAuth2
- 使用Spring Cloud Security OAuth2搭建授权服务
- 解决 Spring Cloud Security OAuth2搭建授权服务
- 使用SPRING CLOUD SECURITY OAUTH2搭建授权服
- 使用Spring Cloud Security OAuth2搭建授权服务
- Spring Security OAuth2 配置注意点
- spring security oauth2.0配置详解
- springboot-Spring Cloud Security- Spring Cloud OAuth2 -token-redis 接口权限01
- OAuth2 & Spring Security OAuth2 总结
- spring cloud oauth2 feign 遇到的坑
- Spring Cloud服务注册中心双节点集群,使用Eureka实现,以IP方式配置,基于Spring Cloud的Camden SR5版本
- Spring Cloud服务注册中心双节点集群,使用Eureka实现,以IP方式配置,基于Spring Cloud的Camden SR5版本
- Spring Cloud OAuth2 & Zuul
- IPC机制--开发艺术探索(二)
- Java开发成长之路
- 使用Webpack加速Vue.js应用的4种方式
- const 关键字使用总结
- SkipList 原理
- Spring cloud security Oauth2 多节点集群需要修改的配置
- CocoaPods Podfile详解与使用
- Android自定义属性的理解
- VS2017调试Android出现"System.IO.FileNotFoundException: Could not load file or assembly 'Mono.Posix, Ve
- 关于Eclipse创建安卓模拟器时报Intel X86 无法使用错误!!!
- 从MVC到前后端分离
- hi all
- ARM虚拟机防止默认远程端口直接暴露在公网方法
- JS关于时间,月份,年, 天起