设置基于Spring安全性的OAuth2服务器
[英]Setup a Spring security based OAuth2 server
问题描述
Want to develop a Spring security based OAuth2 server. 
想要开发基于Spring安全性的OAuth2服务器。 My UI is completely decoupled from backend (Angular.js). 我的UI完全与后端(Angular.js)分离。 There should be apis like 1) /security/oauth2/token to issue token 2) /security/oauth2/validate to validate token etc 应该有像1)/ security / oauth2 / token这样的api来发出令牌2)/ security / oauth2 / validate来验证令牌等
These REST apis and Spring configuration should not contain any UI or MVC related information unlike normal Spring security. 与普通的Spring安全性不同,这些REST apis和Spring配置不应包含任何UI或MVC相关信息。
Any idea how to do it? 知道怎么做吗?
1 个解决方案
解决方案1
0 2016-08-17 10:14:50
There are a few articles around showing how to build your own OAuth2 system. 有一些文章展示了如何构建自己的OAuth2系统。
Unfortunately I am not using Java for stuff like this, but if you are interested you can go to my blog and check out the basics in this article : https://eidand.com/2015/03/28/authorization-system-with-owin-web-api-json-web-tokens/ 不幸的是我没有使用Java这样的东西,但是如果你有兴趣可以去我的博客并查看本文的基础知识: https : //eidand.com/2015/03/28/authorization-system-with -owin-web的API-JSON-web的令牌/
It will explain how the whole thing works and how you communicate with such a system once it's built. 它将解释整个过程是如何工作的,以及一旦它构建完成后如何与这样的系统进行通信。
OAuth2 is a standard so you can always build your own Oauth2 client which can talk to any external OAuth2 provider as well as your own system, it's just a question of changing the application details ( ClientID and ClientSecret ) and token URL. OAuth2是一个标准,因此您始终可以构建自己的Oauth2客户端,该客户端可以与任何外部OAuth2提供程序以及您自己的系统进行通信,这只是一个更改应用程序详细信息(ClientID和ClientSecret)和令牌URL的问题。
The API itself you can build with any stack you wish, REST or not and you will be able to use it with JAVA or whatever you fancy. 您可以使用任何堆栈构建的API本身,无论是否为REST,您都可以将它与JAVA或您喜欢的任何东西一起使用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.