日本免费全黄少妇一区二区三区-高清无码一区二区三区四区-欧美中文字幕日韩在线观看-国产福利诱惑在线网站-国产中文字幕一区在线-亚洲欧美精品日韩一区-久久国产精品国产精品国产-国产精久久久久久一区二区三区-欧美亚洲国产精品久久久久

  1. 首頁 > 云知道 > >

單點登錄失敗解決措施 單點登錄框架有哪些( 四 )

云知道

配置網(wǎng)關(guān)認證的URL- id: router02uri: lb://sca-authpredicates:#- Path=/auth/login/**#沒要令牌之前,以前是這樣配置- Path=/auth/oauth/**#微服務(wù)架構(gòu)下,需要令牌,現(xiàn)在要這樣配置filters:- StripPrefix=1Postman訪問測試第一步:啟動服務(wù)
依次啟動sca-auth服務(wù),sca-resource-gateway服務(wù) 。
第二步:檢測sca-auth服務(wù)控制臺的Endpoints信息,例如:

單點登錄失敗解決措施 單點登錄框架有哪些


第三步:打開postman進行登陸訪問測試


單點登錄失敗解決措施 單點登錄框架有哪些


登陸成功會在控制臺顯示令牌信息,例如:{"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2Mjk5OTg0NjAsInVzZXJfbmFtZSI6ImphY2siLCJhdXRob3JpdGllcyI6WyJzeXM6cmVzOmNyZWF0ZSIsInN5czpyZXM6cmV0cmlldmUiXSwianRpIjoiYWQ3ZDk1ODYtMjUwYS00M2M4LWI0ODYtNjIyYjJmY2UzMDNiIiwiY2xpZW50X2lkIjoiZ2F0ZXdheS1jbGllbnQiLCJzY29wZSI6WyJhbGwiXX0.-Zcmxwh0pz3GTKdktpr4FknFB1v23w-E501y7TZmLg4","token_type": "bearer","refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX25hbWUiOiJqYWNrIiwic2NvcGUiOlsiYWxsIl0sImF0aSI6ImFkN2Q5NTg2LTI1MGEtNDNjOC1iNDg2LTYyMmIyZmNlMzAzYiIsImV4cCI6MTYzMDI1NDA2MCwiYXV0aG9yaXRpZXMiOlsic3lzOnJlczpjcmVhdGUiLCJzeXM6cmVzOnJldHJpZXZlIl0sImp0aSI6IjIyOTdjMTg2LWM4MDktNDZiZi1iNmMxLWFiYWExY2ExZjQ1ZiIsImNsaWVudF9pZCI6ImdhdGV3YXktY2xpZW50In0.1Bf5IazROtFFJu31Qv3rWAVEtFC1NHWU1z_DsgcnSX0","expires_in": 3599,"scope": "all","jti": "ad7d9586-250a-43c8-b486-622b2fce303b"}登陸頁面登陸方法設(shè)計登陸成功以后,將token存儲到localStorage中,修改登錄頁面的doLogin方法,例如
doLogin() {//1.定義urllet url = "http://localhost:9000/auth/oauth/token"http://2.定義參數(shù)let params = new URLSearchParams()params.append('username',this.username);params.append('password',this.password);params.append("client_id","gateway-client");params.append("client_secret","123456");params.append("grant_type","password");//3.發(fā)送異步請求axios.post(url, params).then((response) => {alert("login ok");let result=response.data;localStorage.setItem("accessToken",result.access_token);location.;}).catch((error)=>{console.log(error);})}資源服務(wù)器配置添加依賴打開資源服務(wù)的pom.xml文件,添加oauth2依賴 。
<dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-oauth2</artifactId></dependency>令牌處理器配置package com.jt.auth.config;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.security.oauth2.provider.token.TokenStore;import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;/** * 創(chuàng)建JWT令牌配置類,基于這個類實現(xiàn)令牌對象的創(chuàng)建和解析. * JWT令牌的構(gòu)成有三部分構(gòu)成: * 1)HEADER (頭部信息:令牌類型,簽名算法) * 2)PAYLOAD (數(shù)據(jù)信息-用戶信息,權(quán)限信息,令牌失效時間,...) * 3)SIGNATURE (簽名信息-對header和payload部分進行加密簽名) */@Configurationpublic class TokenConfig {//定義令牌簽發(fā)口令(暗號),這個口令自己定義即可//在對header和PAYLOAD部分進行簽名時,需要的一個口令private String SIGNING_KEY= "auth";//初始化令牌生成策略(默認生成策略 UUID)//這里我們采用JWT方式生成令牌@Beanpublic TokenStore tokenStore(){return new JwtTokenStore(jwtAccessTokenConverter());}//構(gòu)建JWT令牌轉(zhuǎn)換器對象,基于此對象創(chuàng)建令牌,解析令牌@Beanpublic JwtAccessTokenConverter jwtAccessTokenConverter(){JwtAccessTokenConverter converter=new JwtAccessTokenConverter();converter.setSigningKey(SIGNING_KEY);return converter;}}資源服務(wù)令牌解析配置package com.jt.resource.config;import com.fasterxml.jackson.databind.ObjectMapper;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.context.annotation.Configuration;import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;import org.springframework.security.config.annotation.web.builders.HttpSecurity;import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;import org.springframework.security.oauth2.provider.token.TokenStore;import org.springframework.security.web.access.AccessDeniedHandler;import javax.servlet.http.HttpServletResponse;import java.io.PrintWriter;import java.util.HashMap;import java.util.Map;@Configuration@EnableResourceServer@EnableGlobalMethodSecurity(prePostEnabled = true)public class ResourceServerConfig extends ResourceServerConfigurerAdapter {@Autowiredprivate TokenStore tokenStore;/*** token服務(wù)配置*/@Overridepublic void configure(ResourceServerSecurityConfigurer resources) throws Exception {resources.tokenStore(tokenStore);}/*** 路由安全認證配置*/@Overridepublic void configure(HttpSecurity http) throws Exception {http.csrf().disable();http.exceptionHandling().accessDeniedHandler(accessDeniedHandler());http.authorizeRequests().anyRequest().permitAll();}//沒有權(quán)限時執(zhí)行此處理器方法public AccessDeniedHandler accessDeniedHandler() {return (request, response, e) -> {Map<String, Object> map = new HashMap<>();map.put("state", HttpServletResponse.SC_FORBIDDEN);//SC_FORBIDDEN的值是403map.put("message", "沒有訪問權(quán)限,請聯(lián)系管理員");//1設(shè)置響應(yīng)數(shù)據(jù)的編碼response.setCharacterEncoding("utf-8");//2告訴瀏覽器響應(yīng)數(shù)據(jù)的內(nèi)容類型以及編碼response.setContentType("application/json;charset=utf-8");//3獲取輸出流對象PrintWriter out=response.getWriter();//4 輸出數(shù)據(jù)String result=new ObjectMapper().writeValueAsString(map);out.println(result);out.flush();};}}

推薦閱讀