wiselyman / uaa-zuul Goto Github PK
View Code? Open in Web Editor NEW使用OAUTH2+Zuul实现认证和授权
使用OAUTH2+Zuul实现认证和授权
請問一下,我看SysUserRepository需要implement findOneWithRolesByUsername function,但我找不到實作的程式,可以請教你一下,在哪呢?
项目需要提供多终端支持使用,例如PC、Ipad、app等。在zuul多实例的情况下,如何share authenticationConctext?官方使用的是在zuul上实现spring-session,但是感觉这样并不是很好。而并且作者说@EnableOAuth2Sso不太适合面对多终端的情况,请问有什么好的建议处理吗?
http://localhost:8080/uaa/oauth/token 获取token的时候 返回
{
"error": "unauthorized",
"error_description": "could not deserialize; nested exception is org.hibernate.type.SerializationException: could not deserialize"
}
但是服务不报错
如题
{
"timestamp": 1528544068591,
"status": 401,
"error": "Unauthorized",
"message": "Full authentication is required to access this resource",
"path": "/oauth/token"
}
里面没有建表脚本
请问如何通过Header 发送 access_token 呢?我看到测试例子里边用的都是get请求,而且我试过把access_token放到Header里边,,,无效的,,不知道怎么配置呢
目前的服务能正确运行吗?
我这边换了mysql数据库,配置文件也改成mysql的了,可是为什么请求的时候出现反序列化错误。
日志打印的sql去数据库查询了,没有错误。数据库的字段也是项目启动自动生成的,数据也初始化进去了。
错误信息:{
"error": "unauthorized",
"error_description": "could not deserialize; nested exception is org.hibernate.type.SerializationException: could not deserialize"
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints
.authenticationManager(authenticationManager)
.userDetailsService(userDetailsService)//若无,refresh_token会有UserDetailsService is required错误
.tokenStore(tokenStore());
}
userDetailsService 在哪儿定义的呢
服务全部启动成功后,访问 http://localhost:8080/uaa/oauth/token?grant_type=password&username=admin&password=admin [就返回乱码,但是后端是执行成功的!其他服务都一样,启动成功,第一、二次请求就返回乱码,但是第三次请求就正常返回信息了,就正常返回信息了,请大佬指教一下!
刚刚拉下的代码,少了userDetailsService
文档写错了
应该是:
Authorization Code:用在移动app或者web app(这些app是在用户的设备上的,如在手机上调起微信来进行认证授权)
Implicit:用在服务端应用之间
access-token-uri: http://localhost:8080/uaa/oauth/token
这个地址是access-token-uri: http://localhost:9999/uaa/oauth/token
还是access-token-uri: http://localhost:8080/uaa/oauth/token
大神请教一下。这个uaa-zuul的demo是在每个普通微服务上建立ResourceServer来保护api的。 这样子每次创建一个新的微服务都要配置一个ResourceServer的配置,略显的麻烦了。 我想在Zuul网关上统一创建一个ResourceServer来实现权限管理, 然后自个儿实现了一下,在zuul服务中 把SecurityConfig的configure(http)方法里面的http参数这么设置,http.authorizeRequests().antMatchers("/order/user").permitAll().anyRequest().authenticated();
然后通过链接发送http://localhost:xxxx/order/user,结果这个链接并没有被放行,还是需要获取token来得到Authentication 对象,并且在tokenService中找不到对应这个token的Authentication(此时我已经把token以Breaer类型写入到请求头中了,并且在application.yml中配置了auth服务获取userinfo的地址了),这个问题研究了好久了, 一直没有得到解决,
我发现注销有时候可以注销,有时候不能注销
@controller
public class UserController {
@RequestMapping(value = "/user", produces = "application/json")
@responsebody
public Principal user(Principal user){
return user;
}
@Autowired
@Qualifier("consumerTokenServices")
ConsumerTokenServices consumerTokenServices;
@RequestMapping(value = "/loginOut")
@ResponseBody
public String revokeToken(String access_token) {
try {
if (consumerTokenServices.revokeToken(access_token)) {
return "注销成功";
} else {
return "注销失败";
}
} catch (Exception e) {
e.printStackTrace();
return "异常";
}
}
}
发现这样写就可以实现注销了,当然写个 .antMatchers("/loginOut").permitAll()
comment: 是我参数写错
如题
Whitelabel Error Page
This application has no explicit mapping for /error, so you are seeing this as a fallback.
Wed Dec 20 18:06:17 CST 2017
There was an unexpected error (type=Unauthorized, status=401).
Unauthorized
请问为什么会出现这样情况
两套独立的系统但是有一定程度上的调用关系, 需要上微服务吗
能否给下建表SQL
导入成功了,各个模块都可以正常启动,但是password模式下登录老是提示401?是需要修改哪里?麻烦给指点下
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.