jhipster应用的JWT认证
[英]JWT authentication of jhipster application
问题描述
I generated two jhipster applications: microservice gateway and microservice application choosing to secure it with JWT.
我生成了两个 jhipster 应用程序:微服务网关和选择使用 JWT 保护它的微服务应用程序。 The authorization works as excepted meaning that when I log in as a user with microservice gateway it sends an authentication token and using this token I can issue a direct request to microservice application in order to access protected resources.授权作为例外工作,这意味着当我以微服务网关的用户authentication token登录时,它会发送一个authentication token并使用此令牌我可以向微服务应用程序发出直接请求以访问受保护的资源。
The question is how the microservice application correctly validates JWT token even though the jhipster.security.authentication.jwt.base64-secret keys are different in the generated applications?问题是即使生成的应用程序中的jhipster.security.authentication.jwt.base64-secret密钥不同,微服务应用程序如何正确验证 JWT 令牌?
1 个解决方案
解决方案1
4 已采纳 2020-02-02 18:25:05
JWT secrets might be different in the application.yml files of each application but it does not matter because in fact the application properties (including JWT secret) are obtained from central configuration: the JHipster registry because it's a Spring Cloud Config Server.每个应用程序的 application.yml 文件中的 JWT 机密可能不同,但这并不重要,因为实际上应用程序属性(包括 JWT 机密)是从中央配置获取的:JHipster 注册表,因为它是 Spring Cloud 配置服务器。
See JHipster Registry doc and also Spring Cloud Config Server doc for further details.有关更多详细信息,请参阅JHipster Registry 文档和Spring Cloud Config Server 文档。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.