├── .gitignore ├── security-1 ├── .gitignore ├── src │ └── main │ │ ├── resources │ │ └── application.yml │ │ └── java │ │ └── com │ │ └── itmuch │ │ └── study │ │ └── SecurityApplication.java └── pom.xml └── pom.xml /.gitignore: -------------------------------------------------------------------------------- 1 | .idea 2 | target/ 3 | .mvn 4 | *.iml 5 | DS_Store 6 | -------------------------------------------------------------------------------- /security-1/.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | !.mvn/wrapper/maven-wrapper.jar 3 | 4 | ### STS ### 5 | .apt_generated 6 | .classpath 7 | .factorypath 8 | .project 9 | .settings 10 | .springBeans 11 | 12 | ### IntelliJ IDEA ### 13 | .idea 14 | .mvn 15 | *.iws 16 | *.iml 17 | *.ipr 18 | 19 | ### NetBeans ### 20 | nbproject/private/ 21 | build/ 22 | nbbuild/ 23 | dist/ 24 | nbdist/ 25 | .nb-gradle/ -------------------------------------------------------------------------------- /security-1/src/main/resources/application.yml: -------------------------------------------------------------------------------- 1 | server: 2 | port: 8080 3 | security: 4 | user: 5 | password: user # 直接登录时的密码 6 | ignored: / 7 | sessions: never # session策略 8 | 9 | oauth2: 10 | sso: 11 | loginPath: /login # 登录路径 12 | client: 13 | clientId: dec027c4d1abbbf727c8 14 | clientSecret: 23ddbe1711bbc9e141e45ff51ab3270de8ae1c9d 15 | accessTokenUri: https://github.com/login/oauth/access_token 16 | userAuthorizationUri: https://github.com/login/oauth/authorize 17 | resource: 18 | userInfoUri: https://api.github.com/user 19 | preferTokenInfo: false 20 | -------------------------------------------------------------------------------- /security-1/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4.0.0 4 | 5 | com.itmuch.study 6 | security-1 7 | 0.0.10-SNAPSHOT 8 | jar 9 | 10 | security-1 11 | Spring Cloud Security示例 12 | 13 | 14 | com.itmuch.study 15 | spring-cloud-security-samples 16 | 0.0.10-SNAPSHOT 17 | 18 | 19 | 20 | 21 | UTF-8 22 | UTF-8 23 | 1.8 24 | 25 | 26 | 27 | 28 | org.springframework.cloud 29 | spring-cloud-starter-oauth2 30 | 31 | 32 | org.springframework.cloud 33 | spring-cloud-starter-security 34 | 35 | 36 | 37 | 38 | 39 | org.springframework.cloud 40 | spring-cloud-dependencies 41 | Camden.SR5 42 | pom 43 | import 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | org.springframework.boot 52 | spring-boot-maven-plugin 53 | 54 | 55 | 56 | 57 | 58 | spring-cloud-security-samples-0.0.6 59 | 60 | 61 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4.0.0 4 | 5 | com.itmuch.study 6 | spring-cloud-security-samples 7 | 0.0.10-SNAPSHOT 8 | pom 9 | 10 | 11 | org.springframework.boot 12 | spring-boot-starter-parent 13 | 1.5.2.RELEASE 14 | 15 | 16 | 17 | 18 | security-1 19 | 20 | 21 | 22 | UTF-8 23 | UTF-8 24 | 1.8 25 | https://github.com/itmuch/spring-cloud-security-samples.git 26 | 27 | 28 | 29 | scm:git:${git.url} 30 | scm:git:${git.url} 31 | ${git.url} 32 | spring-cloud-security-samples-0.0.6 33 | 34 | 35 | 36 | Releases 37 | Nexus Release Repository 38 | http://localhost:8081/repository/maven-releases/ 39 | 40 | 41 | Snapshots 42 | Nexus Snapshot Repository 43 | http://localhost:8081/repository/maven-snapshots/ 44 | 45 | 46 | 47 | 48 | 49 | 50 | org.apache.maven.plugins 51 | maven-release-plugin 52 | 2.5.2 53 | 54 | true 55 | 56 | 57 | 58 | 59 | 60 | -------------------------------------------------------------------------------- /security-1/src/main/java/com/itmuch/study/SecurityApplication.java: -------------------------------------------------------------------------------- 1 | package com.itmuch.study; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso; 6 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 7 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 8 | import org.springframework.stereotype.Component; 9 | import org.springframework.web.bind.annotation.GetMapping; 10 | import org.springframework.web.bind.annotation.RequestMapping; 11 | import org.springframework.web.bind.annotation.RestController; 12 | 13 | import java.security.Principal; 14 | 15 | @SpringBootApplication 16 | @RestController 17 | public class SecurityApplication { 18 | public static void main(String[] args) { 19 | SpringApplication.run(SecurityApplication.class, args); 20 | } 21 | 22 | @GetMapping("/welcome") 23 | public String welcome() { 24 | return "welcome"; 25 | } 26 | 27 | @RequestMapping("/user") 28 | public Principal user(Principal user) { 29 | return user; 30 | } 31 | 32 | @Component 33 | @EnableOAuth2Sso // 实现基于OAuth2的单点登录，建议跟踪进代码阅读以下该注解的注释，很有用 34 | public static class SecurityConfiguration extends WebSecurityConfigurerAdapter { 35 | @Override 36 | public void configure(HttpSecurity http) throws Exception { 37 | http. 38 | antMatcher("/**") 39 | // 所有请求都得经过认证和授权 40 | .authorizeRequests().anyRequest().authenticated() 41 | .and().authorizeRequests().antMatchers("/","/anon").permitAll() 42 | .and() 43 | // 这里之所以要禁用csrf，是为了方便。 44 | // 否则，退出链接必须要发送一个post请求，请求还得带csrf token 45 | // 那样我还得写一个界面，发送post请求 46 | .csrf().disable() 47 | // 退出的URL是/logout 48 | .logout().logoutUrl("/logout").permitAll() 49 | // 退出成功后，跳转到/路径。 50 | .logoutSuccessUrl("/"); 51 | } 52 | } 53 | } 54 | --------------------------------------------------------------------------------