堆栈内存溢出
  简体   繁体   English

Spring Security OAuth(angular2上的单独客户端)

[英]Spring Security OAuth (separate client on angular2)

 原文  2016-03-11 10:22:33       java/ spring/ oauth/ spring-security/ angular

问题描述

I have a problem with configuring spring security and oauth2. 我在配置spring security和oauth2时遇到问题。 I used a tutorial on their page, where there was an angular1 app that was running on the same port and was served from Tomcat. 我在他们的页面上使用了一个教程,其中有一个angular1应用程序在同一个端口上运行,并且是从Tomcat提供的。

I want to do it in a different way. 我想以不同的方式做到这一点。 What I want to do is put a completely separate angular2 app, running on a different port. 我想要做的是在一个不同的端口上运行一个完全独立的angular2应用程序。

Now the problem is that the app only returns to port 8080 (spring app) and I don't know how to change this behavior. 现在问题是app只返回端口8080(spring app),我不知道如何改变这种行为。

My whole Java code is: 我的整个Java代码是: 

@SpringBootApplication
@EnableOAuth2Sso
@RestController
public class SocialApplication extends WebSecurityConfigurerAdapter {


@RequestMapping("/user")
public Principal user(Principal principal) {
    return principal;
}

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .antMatcher("/**")
            .authorizeRequests()
            .antMatchers("/", "/log**", "/login**", "/webjars/**")
            .permitAll()
            .anyRequest()
            .authenticated()
            .and().logout().logoutSuccessUrl("/").permitAll()
            .and().csrf().csrfTokenRepository(csrfTokenRepository())
            .and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
}

private Filter csrfHeaderFilter() {
    return new OncePerRequestFilter() {
        @Override
        protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
                                        FilterChain filterChain) throws ServletException, IOException {
            CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
            if (csrf != null) {
                Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
                String token = csrf.getToken();
                if (cookie == null || token != null && !token.equals(cookie.getValue())) {
                    cookie = new Cookie("XSRF-TOKEN", token);
                    cookie.setPath("/");
                    response.addCookie(cookie);
                }
            }
            filterChain.doFilter(request, response);

        }
    };
}

private CsrfTokenRepository csrfTokenRepository() {
    HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
    repository.setHeaderName("X-XSRF-TOKEN");
    return repository;
}

public static void main(String[] args) {
    SpringApplication.run(SocialApplication.class, args);
}
}

1 个解决方案

解决方案1
 0  

Solution is here I have create a tutorial. 解决方案在这里我已经创建了一个教程。 link to tutorial is here 链接到教程就在这里

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Spring安全中的Oauth2客户端 - Oauth2 Client in Spring security 多个OAuth客户端Spring Security - Multiple oauth client spring Security Spring security oauth2客户端 - Spring security oauth2 client 使用Java和Angular2登录Spring Security - Spring Security login with Java and Angular2 oAuth2客户端在Spring Security中使用密码授予 - oAuth2 client with password grant in Spring Security 没有client_secret的Spring Security OAuth 2.0 - Spring Security OAuth 2.0 with no client_secret 带有 spring security 5 和 oauth2 的日历客户端 - Calendar client with spring security 5 and oauth2 Spring Boot Security 中 OAuth2Client 中的 SSO - SSO in OAuth2Client in Spring Boot Security Spring 安全 oauth2 客户端 - Twitter 的问题 - Spring Security oauth2 client - problem with Twitter Spring Security Oauth客户端-像邮递员示例的请求 - Spring security Oauth client - Request like a postman example
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM