[英]How to call my authentication microservice in another microservice in spring boot security
I have implemented an authentication service using Spring Security which has access to a database which stores user data.我已经使用 Spring Security 实现了一个身份验证服务,它可以访问存储用户数据的数据库。 Now I want to implement another service (open a totally new project) where I only specify the url of my authentication service.
现在我想实现另一个服务(打开一个全新的项目),我只指定我的身份验证服务的 url。 I used
.loginProcessingUrl()
and changed the login page in the spring security configuration but that does not work.我使用了
.loginProcessingUrl()
并更改了 spring 安全配置中的登录页面,但这不起作用。 How do I make the new service authenticate using my authentication service?如何使用我的身份验证服务对新服务进行身份验证?
You could use a custom AuthenticationProvider
to do the authentication for you.您可以使用自定义
AuthenticationProvider
为您进行身份验证。
Here's a barebones example:这是一个准系统示例:
CustomRemoteAuthenticationProvider
that calls your authentication service:CustomRemoteAuthenticationProvider
:public class CustomRemoteAuthenticationProvider implements AuthenticationProvider {
@Override
public Authentication authenticate(Authentication authentication)
throws AuthenticationException {
String username = authentication.getName();
String password = authentication.getCredentials().toString();
// call your authentication service
// ... and return a UsernamePasswordAuthenticationToken
}
@Override
public boolean supports(Class<?> authentication) {
return authentication.equals(UsernamePasswordAuthenticationToken.class);
}
}
CustomRemoteAuthenticationProvider
as a bean (which you could do in WebSecurityConfigurerAdapter
), which will get picked up and added to the AuthenticationManager
automatically:CustomRemoteAuthenticationProvider
声明为 bean(您可以在WebSecurityConfigurerAdapter
),它将被自动提取并添加到AuthenticationManager
:@Bean
public CustomRemoteAuthenticationProvider customRemoteAuthenticationProvider() {
return new CustomRemoteAuthenticationProvider();
}
Note : You could do all of this in one step by adding @Component
directly to CustomRemoteAuthenticationProvider
.注意:您可以通过将
@Component
直接添加到CustomRemoteAuthenticationProvider
一步完成所有这些操作。 Also, check out the javadoc for AuthenticationProvider
for a list of AuthenticationProvider
s if you want more ideas on how to write one.此外, 检查出的javadoc为
AuthenticationProvider
对列表AuthenticationProvider
■如果您想了解如何编写一个更多的想法。 DaoAuthenticationProvider
is commonly used with JdbcDaoImpl
to authenticate against a database. DaoAuthenticationProvider
通常与JdbcDaoImpl
一起用于对数据库进行身份验证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.