springsecurity oauth2sso 客户端单点登陆

依赖

<dependency>
   <groupId>org.springframework.cloud</groupId>
   <artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>

配置

websecurity

@Configuration
@EnableWebSecurity
@EnableOAuth2Sso
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/favicon.ico");
    }
}

application.yml

security:
  oauth2:
    client:
      client-id: client1
      client-secret: 1234
      access-token-uri: http://authServer/oauth/token
      user-authorization-uri: http://authServer/oauth/authorize
      scope: all
    resource:
      token-info-uri: http://authServer/oauth/check_token
#如果客户端与认证服务器部署在同一个URL,需要为sessionid配置不同的cookie key,防止被覆盖导致与认证服务器的会话丢失
server:
  servlet:
    session:
      cookie:
        name: ${spring.application.name}_SESSIONID

posted on 2020-03-30 16:14  路过君  阅读(140)  评论(0编辑  收藏  举报

导航