Client: http://localhost:8080/spring-oauth-client/index.jsp Server: http://localhost:8080/spring-oauth-server/ INDEX.JSPACCESS_TOKEN=942090FC-1AA0-4444-8127-57214680DF3B Verification Business: http://localhost:8080/spring-oauth-server/m/ dashboard?access_token=942090fc-1aa0-4444-8127-57214680df3b. Client environment Building 1, client project import and configuration
2. Client Engineering Publishing and access
del/q D:\tools\Tomcat8.0\webapps\spring-oauth-client.war
del/q D:\tools\Tomcat8.0\webapps\spring-oauth-client
Copy D:\workspace_SpringMybatis\spring-oauth-client\target\spring-oauth-client.war D:\tools\Tomcat8.0\webapps\ Spring-oauth-client.war
http://localhost:8080/spring-oauth-client/index.jsp
Second, the server environment set up 1, the native database installation
2. Service-side project import and configuration
3. Service-side publishing and access
del/q D:\tools\Tomcat8.0\webapps\spring-oauth-server.war
del/q D:\tools\Tomcat8.0\webapps\spring-oauth-server
Copy D:\workspace_SpringMybatis\spring-oauth-server\target\spring-oauth-server.war D:\tools\Tomcat8.0\webapps\ Spring-oauth-server.war
http://localhost:8080/spring-oauth-server/index.jsp
Third, client and server 1, access the client
http://localhost:8080/spring-oauth-client/index.jsp
2, use password mode application Access_token
Get Access_token
3. Find the target business and access form
Find a business link on the server: Http://localhost:8080/spring-oauth-server/m/dashboard?access_token=i_am_testing_access_token
Note There are two ways to pass Access tokens when you request a protected resource
- Method one is added in the URL parameter
access_token,即请求参数:<access_token,your_access_token>
- Method two adds Authorization to the header of the request, with a value of bearerYour_access_token, which is the request header:<Authorization, Beareryour_access_token>
4, carry Access_token visit business
http://localhost:8080/spring-oauth-server/m/dashboard?access_token=942090fc-1aa0-4444-8127-57214680df3b
Request Header: authorization=bearer942090fc-1aa0-4444-8127-57214680df3b
Http://localhost:8080/spring-oauth-server/m/dashboard
Return to business results as follows:
Iv. access to unauthorized URLs or token invalidation 1, carrying valid access_tokenhttp://localhost:8080/spring-oauth-server/m/dashboard?access_token= 8fc3782b-5e24-4816-80e6-879cb4d3f1cd
2, carry the failure access_tokenhttp://localhost:8080/spring-oauth-server/m/dashboard?access_token=942090fc-1aa0-4444-8127-57214680df3b
3, do not carry Access_token
Http://localhost:8080/spring-oauth-server/m/dashboard
4.Non-authorized URL access http://localhost:8080/spring-oauth-server/unity_user_info?access_token=8fc3782b-5e24-4816-80e6-879cb4d3f1cd
Spring-oauth-server Practice: Client and Server Environment setup