Detailed description of a Spring Cloud-based configuration for single sign-on (SSO) development
Single Sign-On Concept
Single sign-on (SSO) is one of the most popular solutions for enterprise business integration. With SSO, a user working across multiple application systems only needs to log in once to access all mutually trusted application systems. The logon logic is as follows:
Implementation Based on the Spring Stack
Technology Selection:
- Spring Boot
- Spring Cloud
- Spring Security OAuth2
Client:
Maven dependency
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.security.oauth</groupId>
        <artifactId>spring-security-oauth2</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-jwt</artifactId>
    </dependency>
EnableOAuth2Sso Annotation
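Add @EnableOAuth2Sso to the application entry class:

    import org.springframework.boot.SpringApplication;
    import org.springframework.boot.autoconfigure.SpringBootApplication;
    import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;

    // @EnableOAuth2Sso turns this application into an OAuth2 SSO client that
    // sends unauthenticated users to the authorization server to log in.
    @EnableOAuth2Sso
    @SpringBootApplication
    public class PigSsoClientDemoApplication {

        public static void main(String[] args) {
            SpringApplication.run(PigSsoClientDemoApplication.class, args);
        }
    }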
Configuration File
    security:
      oauth2:
        client:
          client-id: pig
          client-secret: pig
          user-authorization-uri: http://localhost:3000/oauth/authorize
          access-token-uri: http://localhost:3000/oauth/token
          scope: server
        resource:
          jwt:
            key-uri: http://localhost:3000/oauth/token_key
      sessions: never
SSO Authentication Server
Authentication Server Configuration
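    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.core.annotation.Order;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.crypto.password.PasswordEncoder;
    import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
    import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
    import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
    import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;

    // The fields authServerConfig, redisConnectionFactory, authenticationManager,
    // pigWebResponseExceptionTranslator and userDetailsService, and the classes
    // SecurityConstants and CommonConstant, belong to the project; their
    // declarations are not shown in this article.
    @Configuration
    @Order(Integer.MIN_VALUE)
    @EnableAuthorizationServer
    public class PigAuthorizationConfig extends AuthorizationServerConfigurerAdapter {

        // Registers a single OAuth2 client, held in memory.
        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients.inMemory()
                    .withClient(authServerConfig.getClientId())
                    .secret(authServerConfig.getClientSecret())
                    .authorizedGrantTypes(SecurityConstants.REFRESH_TOKEN, SecurityConstants.PASSWORD, SecurityConstants.AUTHORIZATION_CODE)
                    .scopes(authServerConfig.getScope());
        }

        // Tokens are JWTs stored in Redis; a new refresh token is issued on every refresh.
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
            endpoints
                    .tokenStore(new RedisTokenStore(redisConnectionFactory))
                    .accessTokenConverter(jwtAccessTokenConverter())
                    .authenticationManager(authenticationManager)
                    .exceptionTranslator(pigWebResponseExceptionTranslator)
                    .reuseRefreshTokens(false)
                    .userDetailsService(userDetailsService);
        }

        @Override
        public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
            security
                    // clients may send client_id/client_secret as form parameters
                    .allowFormAuthenticationForClients()
                    // /oauth/token_key requires an authenticated caller
                    .tokenKeyAccess("isAuthenticated()")
                    // /oauth/check_token is reachable without authentication
                    .checkTokenAccess("permitAll()");
        }

        @Bean
        public PasswordEncoder passwordEncoder() {
            return new BCryptPasswordEncoder();
        }

        @Bean
        public JwtAccessTokenConverter jwtAccessTokenConverter() {
            JwtAccessTokenConverter jwtAccessTokenConverter = new JwtAccessTokenConverter();
            jwtAccessTokenConverter.setSigningKey(CommonConstant.SIGN_KEY);
            return jwtAccessTokenConverter;
        }
    }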
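Two settings in the authorization server configuration above matter to anyone deploying it: checkTokenAccess("permitAll()") leaves /oauth/check_token open to unauthenticated callers, and if CommonConstant.SIGN_KEY is a plain string rather than a PEM-encoded RSA key, setSigningKey signs JWTs with an HMAC, so the value clients fetch from /oauth/token_key is the same secret that signs tokens. The following is an added example, not code from the original article or the pig project, showing a variant of those two members that signs with an RSA key pair and is meant to replace the members of the same name in PigAuthorizationConfig. The class name, keystore file, key alias and property name are assumptions.

```java
// Added example; class name, keystore file, alias and property name are assumptions.
import java.security.KeyPair;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.core.io.ClassPathResource;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;

public class HardenedTokenEndpointsConfig extends AuthorizationServerConfigurerAdapter {

    // Hypothetical property; supply it from the environment or a secrets store,
    // not from a constant compiled into the application.
    @Value("${sso.jwt.keystore-password}")
    private String keystorePassword;

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        security
                .allowFormAuthenticationForClients()
                // /oauth/token_key: still limited to authenticated clients
                .tokenKeyAccess("isAuthenticated()")
                // /oauth/check_token: no longer open to anonymous callers
                .checkTokenAccess("isAuthenticated()");
    }

    @Bean
    public JwtAccessTokenConverter jwtAccessTokenConverter() {
        // Hypothetical keystore "sso-jwt.jks" on the classpath holding an RSA
        // key pair under the alias "sso-jwt".
        KeyStoreKeyFactory keys = new KeyStoreKeyFactory(
                new ClassPathResource("sso-jwt.jks"), keystorePassword.toCharArray());
        KeyPair keyPair = keys.getKeyPair("sso-jwt");

        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        // The private key signs; /oauth/token_key now returns only the public
        // key, so a client that verifies tokens cannot mint them.
        converter.setKeyPair(keyPair);
        return converter;
    }
}
```

The client configuration shown earlier needs no change: key-uri still points at /oauth/token_key, which now hands out the RSA public key.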