How to provide custom security configuration for oauth2 with spring-boot 1.3.0.RC1

前端未结

关注

 2  1098

旧巷少年郎 2021-01-27 11:12

With spring-cloud Angel.SR3 release I followed example in https://github.com/spring-cloud-samples/sso and things work fine with spring-boot 1.2.6.RELEASE.

However with

2条回答

-上瘾入骨i (楼主)

2021-01-27 11:45

Turns out not special adapter needed, just the regular WebSecurityConfigurerAdapter does the trick. You cannot tell the code from below if oauth2 SSO is involved, more transparent, sort to speak.

@Configuration 
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
protected static class ApplicationSecurity extends WebSecurityConfigurerAdapter {

    @Autowired
    private SecurityProperties security;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // @formatter:off
        http
        .authorizeRequests()
            .antMatchers("/", "/ssologout").permitAll()
            .anyRequest().fullyAuthenticated()
        .and()
            .formLogin()
                .loginPage("/login").failureUrl("/login?error")
            .permitAll()
        .and()
            .logout().permitAll();
        // @formatter:on
    }

}

0 讨论(0)

查看其它2个回答