
Multiple OAuth client Spring Security

I have two tables, each with different users. There are two web applications connected to my Spring back end, and each front-end application has one table of users. I want the users of each table to connect with a different clientId and clientSecret. I tried to create two authorization servers, but it appears that wouldn't work.

public class ClientAuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private ClientConfigurationProperties clientConfiguration;

    private TokenStore tokenStore = new InMemoryTokenStore();

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Autowired
    private RepositoryClientDetailsService clientDetailsService;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
                .tokenStore(this.tokenStore)
                .authenticationManager(this.authenticationManager)
                .userDetailsService(clientDetailsService);
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
                .inMemory()
                .withClient(clientConfiguration.getClientId())
                .authorizedGrantTypes("password", "refresh_token")
                .authorities("USER")
                .scopes("read", "write")
                .resourceIds(ClientApiResourceServerConfiguration.RESOURCE_ID)
                .secret("{noop}" + clientConfiguration.getClientSecret());
    }

    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices tokenServices = new DefaultTokenServices();
        tokenServices.setSupportRefreshToken(true);
        tokenServices.setTokenStore(this.tokenStore);
        return tokenServices;
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }

}

This is my second authorization server:

@Configuration
@EnableAuthorizationServer
@Order(1)
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private ApplicationConfigurationProperties configuration;

    @Autowired
    private RepositoryClientDetailsService clientDetailsService;

    private TokenStore tokenStore = new InMemoryTokenStore();

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Autowired
    private RepositoryUserDetailsService userDetailsService;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
                .tokenStore(this.tokenStore)
                .authenticationManager(this.authenticationManager)
                .userDetailsService(userDetailsService);
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
                .inMemory()
                .withClient(configuration.getClientId())
                .authorizedGrantTypes("password", "refresh_token")
                .authorities("USER")
                .scopes("read", "write")
                .resourceIds(RestApiResourceServerConfiguration.RESOURCE_ID)
                .secret("{noop}" + configuration.getClientSecret());
    }

    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices tokenServices = new DefaultTokenServices();
        tokenServices.setSupportRefreshToken(true);
        tokenServices.setTokenStore(this.tokenStore);
        return tokenServices;
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }

}

You can add one centralized database, only for authentication purposes. This database will have all client information (Client ID, Client Secret, etc.) and all user information (mostly usernames and passwords only). Complete user information will remain in the respective databases, but this authentication database will have only user credentials.

All your applications can authenticate themselves using the Client Credentials grant type. Spring provides OAuth2RestTemplate to make authenticated REST requests.

All your users (from both applications) can also authenticate themselves using one centralized authentication server and authentication database.
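
A sketch of the single authorization server the answer describes, added here as an example (it is not code from the question or the answer). It assumes a `DataSource` bean named `authDataSource` that points at the central authentication database with the standard Spring Security OAuth tables (`oauth_client_details`, `oauth_access_token`, `oauth_refresh_token`), plus `PasswordEncoder`, `UserDetailsService` and `authenticationManagerBean` beans backed by the central credentials table; the class name is hypothetical.

```java
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;

// Hypothetical class: one authorization server replaces the two in the question.
@Configuration
@EnableAuthorizationServer
public class CentralAuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private DataSource authDataSource; // assumption: central authentication database

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Autowired
    private UserDetailsService userDetailsService; // assumption: reads the central credentials table

    @Autowired
    private PasswordEncoder passwordEncoder; // e.g. the delegating encoder bean from the question

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        // Both front ends are rows in oauth_client_details, each with its own
        // client_id, resource_ids and an encoded client_secret ("{bcrypt}..."),
        // instead of one in-memory client per server with a "{noop}" plaintext secret.
        clients.jdbc(authDataSource).passwordEncoder(passwordEncoder);
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
                // Tokens live in the shared database, so they survive restarts.
                .tokenStore(new JdbcTokenStore(authDataSource))
                // Needed for the password grant used by both clients.
                .authenticationManager(authenticationManager)
                // Used to reload the user when a refresh token is exchanged.
                .userDetailsService(userDetailsService);
    }
}
```

The `resource_ids` column of each client row plays the role of the `.resourceIds(...)` calls in the question, limiting which resource server accepts that client's tokens.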
