Merge pull request #7092 from Doha2012/master
upgrade spring security cloud
This commit is contained in:
commit
9d1396b99c
|
@ -24,7 +24,7 @@
|
|||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.cloud</groupId>
|
||||
<artifactId>spring-cloud-starter-zuul</artifactId>
|
||||
<artifactId>spring-cloud-starter-netflix-zuul</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
|
@ -34,14 +34,16 @@
|
|||
<dependency>
|
||||
<groupId>org.webjars</groupId>
|
||||
<artifactId>jquery</artifactId>
|
||||
<version>${jquery.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.webjars</groupId>
|
||||
<artifactId>bootstrap</artifactId>
|
||||
<version>${bootstrap.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.webjars</groupId>
|
||||
<artifactId>webjars-locator</artifactId>
|
||||
<artifactId>webjars-locator-core</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
|
@ -62,8 +64,8 @@
|
|||
<artifactId>spring-boot-starter-thymeleaf</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security.oauth</groupId>
|
||||
<artifactId>spring-security-oauth2</artifactId>
|
||||
<groupId>org.springframework.security.oauth.boot</groupId>
|
||||
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
|
@ -89,8 +91,10 @@
|
|||
</dependencyManagement>
|
||||
|
||||
<properties>
|
||||
<js-cookie.version>2.1.0</js-cookie.version>
|
||||
<spring-cloud.version>Dalston.SR4</spring-cloud.version>
|
||||
<js-cookie.version>2.2.0</js-cookie.version>
|
||||
<spring-cloud.version>Greenwich.SR1</spring-cloud.version>
|
||||
<jquery.version>3.4.1</jquery.version>
|
||||
<bootstrap.version>4.3.1</bootstrap.version>
|
||||
</properties>
|
||||
|
||||
</project>
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
# These are default settings, but we add them for clarity.
|
||||
server:
|
||||
port: 8080
|
||||
contextPath: /
|
||||
servlet:
|
||||
context-path: /
|
||||
|
||||
# Configure the Authorization Server and User Info Resource Server details
|
||||
security:
|
||||
|
@ -21,6 +22,7 @@ person:
|
|||
# Proxies the calls to http://localhost:8080/api/* to our REST service at http://localhost:8081/*
|
||||
# and automatically includes our OAuth2 token in the request headers
|
||||
zuul:
|
||||
sensitiveHeaders: Cookie,Set-Cookie
|
||||
routes:
|
||||
resource:
|
||||
path: /api/**
|
||||
|
|
|
@ -19,8 +19,8 @@
|
|||
<artifactId>spring-boot-starter-web</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security.oauth</groupId>
|
||||
<artifactId>spring-security-oauth2</artifactId>
|
||||
<groupId>org.springframework.security.oauth.boot</groupId>
|
||||
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
|
@ -30,6 +30,7 @@
|
|||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-jwt</artifactId>
|
||||
<version>${spring-jwt.version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
|
@ -55,7 +56,8 @@
|
|||
</build>
|
||||
|
||||
<properties>
|
||||
<spring-cloud.version>Edgware.RELEASE</spring-cloud.version>
|
||||
<spring-cloud.version>Greenwich.SR1</spring-cloud.version>
|
||||
<spring-jwt.version>1.0.10.RELEASE</spring-jwt.version>
|
||||
</properties>
|
||||
|
||||
</project>
|
||||
|
|
|
@ -3,7 +3,7 @@ package com.baeldung.config;
|
|||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
|
||||
|
||||
|
@ -11,15 +11,18 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.R
|
|||
* REST API Resource Server.
|
||||
*/
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@EnableResourceServer
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true) // Allow method annotations like @PreAuthorize
|
||||
public class ResourceConfigurer extends ResourceServerConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
public void configure(HttpSecurity http) throws Exception {
|
||||
http.httpBasic().disable();
|
||||
http.authorizeRequests().anyRequest().authenticated();
|
||||
http.sessionManagement()
|
||||
.sessionCreationPolicy(SessionCreationPolicy.NEVER)
|
||||
.and()
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated();
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -5,7 +5,6 @@ server:
|
|||
|
||||
# Configure the public key to use for verifying the incoming JWT tokens
|
||||
security:
|
||||
sessions: NEVER
|
||||
oauth2:
|
||||
resource:
|
||||
jwt:
|
||||
|
|
|
@ -38,7 +38,7 @@
|
|||
</dependencies>
|
||||
|
||||
<properties>
|
||||
<spring-cloud-starter-oauth2.version>1.1.2.RELEASE</spring-cloud-starter-oauth2.version>
|
||||
<spring-cloud-starter-oauth2.version>2.1.2.RELEASE</spring-cloud-starter-oauth2.version>
|
||||
</properties>
|
||||
|
||||
</project>
|
|
@ -9,6 +9,7 @@ import org.springframework.context.annotation.Configuration;
|
|||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.core.io.Resource;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
|
||||
|
@ -19,9 +20,7 @@ import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFacto
|
|||
@Configuration
|
||||
@EnableAuthorizationServer
|
||||
@Order(6)
|
||||
public class AuthServerConfigurer
|
||||
extends
|
||||
AuthorizationServerConfigurerAdapter {
|
||||
public class AuthServerConfigurer extends AuthorizationServerConfigurerAdapter {
|
||||
|
||||
@Value("${jwt.certificate.store.file}")
|
||||
private Resource keystore;
|
||||
|
@ -38,6 +37,9 @@ public class AuthServerConfigurer
|
|||
@Autowired
|
||||
private UserDetailsService userDetailsService;
|
||||
|
||||
@Autowired
|
||||
private BCryptPasswordEncoder passwordEncoder;
|
||||
|
||||
@Override
|
||||
public void configure(
|
||||
ClientDetailsServiceConfigurer clients)
|
||||
|
@ -45,8 +47,8 @@ public class AuthServerConfigurer
|
|||
clients
|
||||
.inMemory()
|
||||
.withClient("authserver")
|
||||
.secret("passwordforauthserver")
|
||||
.redirectUris("http://localhost:8080/")
|
||||
.secret(passwordEncoder.encode("passwordforauthserver"))
|
||||
.redirectUris("http://localhost:8080/login")
|
||||
.authorizedGrantTypes("authorization_code",
|
||||
"refresh_token")
|
||||
.scopes("myscope")
|
||||
|
|
|
@ -2,10 +2,10 @@ package com.baeldung.config;
|
|||
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
@Configuration
|
||||
public class WebMvcConfigurer extends WebMvcConfigurerAdapter {
|
||||
public class WebMvcConfig implements WebMvcConfigurer {
|
||||
|
||||
@Override
|
||||
public void addViewControllers(ViewControllerRegistry registry) {
|
|
@ -6,8 +6,8 @@ import org.springframework.security.config.annotation.authentication.builders.Au
|
|||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
|
||||
|
||||
@Configuration
|
||||
|
@ -34,7 +34,7 @@ public class WebSecurityConfigurer
|
|||
AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth
|
||||
.inMemoryAuthentication()
|
||||
.withUser("user").password("user")
|
||||
.withUser("user").password(passwordEncoder().encode("user"))
|
||||
.roles("USER")
|
||||
.and()
|
||||
.withUser("admin").password("admin")
|
||||
|
@ -48,5 +48,9 @@ public class WebSecurityConfigurer
|
|||
return super.userDetailsServiceBean();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public BCryptPasswordEncoder passwordEncoder() {
|
||||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
# Make the application available at http://localhost:7070/authserver
|
||||
server:
|
||||
port: 7070
|
||||
contextPath: /authserver
|
||||
servlet:
|
||||
context-path: /authserver
|
||||
|
||||
# Our certificate settings for enabling JWT tokens
|
||||
jwt:
|
||||
|
@ -12,10 +13,3 @@ jwt:
|
|||
key:
|
||||
alias: myauthkey
|
||||
password: abirkhan04
|
||||
|
||||
|
||||
security:
|
||||
oauth2:
|
||||
resource:
|
||||
filter-order: 3
|
||||
|
|
@ -8,10 +8,10 @@
|
|||
<packaging>pom</packaging>
|
||||
|
||||
<parent>
|
||||
<artifactId>parent-boot-1</artifactId>
|
||||
<artifactId>parent-boot-2</artifactId>
|
||||
<groupId>com.baeldung</groupId>
|
||||
<version>0.0.1-SNAPSHOT</version>
|
||||
<relativePath>../../parent-boot-1</relativePath>
|
||||
<relativePath>../../parent-boot-2</relativePath>
|
||||
</parent>
|
||||
|
||||
<modules>
|
||||
|
|
Loading…
Reference in New Issue