SpringBoot+SpringSecurityOAuth2.0 实现SSO单点登录（一）--客户端

SSO Client

准备：

使用maven构建项目，导入1.5.4SpringBoot父jar包

<parent>

<groupId>org.springframework.boot</groupId>

<artifactId>spring-boot-starter-parent</artifactId>

<version>1.5.4.RELEASE</version>

<relativePath/>

</parent>

导入所必须的springboot集成security的jar包spring-boot-starter-security以及它的依赖包spring-security-jwt

<groupId>org.springframework.boot</groupId>

<artifactId>spring-boot-starter-security</artifactId>

<groupId>org.springframework.security</groupId>

<artifactId>spring-security-jwt</artifactId>

 

基于OAuth认证，导入

<groupId>org.springframework.security.oauth</groupId>

<artifactId>spring-security-oauth2</artifactId>

由于是web项目继续导入spring-boot-starter-web

<groupId>org.springframework.boot</groupId>

<artifactId>spring-boot-starter-web</artifactId>

页面显示模版使用springBoot官方推荐的thymeleaf 导入spring-boot-starter-thymeleaf

 

配置：

配置springBoot启动yml文件，设置SSO认证必要参数

#配置服务地址 及登出地址

myOAthConfig: 

  hostUrl: http://localhost:5678

  logoutUrl: ${myOAthConfig.hostUrl}/logout

 

security:

  oauth2:

    sso:

      login-path: /login

    client:

      client-id: acme

      client-secret: acmesecret

      access-token-uri: ${myOAthConfig.hostUrl}/oauth/token

      user-authorization-uri: ${myOAthConfig.hostUrl}/oauth/authorize

      client-authentication-scheme: form

    resource:

      jwt:

        key-uri: ${myOAthConfig.hostUrl}/oauth/token_key

添加本地安全策略：

新建SecurityConfiguration继承WebSecurityConfigurerAdapter添加@Configuration上下文配置spring容器  @EnableOAuth2Sso开启OAuth认证SSO

重写configure(HttpSecurity http)方法，配置该客户端访问安全策略

 

 

 

首先开启SSO服务器，再开启Client 否则会报错