Spring boot 如何在zuul proxy spring boot、Sprng Security、spring-Security-oauth2的下游服务器中获取安全主体值
我使用SpringBoot、SpringSecurity、SpringOAuth2、Eureka服务器和Zuul代理创建微服务。我创建了以下三个项目Spring boot 如何在zuul proxy spring boot、Sprng Security、spring-Security-oauth2的下游服务器中获取安全主体值,spring-boot,spring-security,netflix-eureka,netflix-zuul,Spring Boot,Spring Security,Netflix Eureka,Netflix Zuul,我使用SpringBoot、SpringSecurity、SpringOAuth2、Eureka服务器和Zuul代理创建微服务。我创建了以下三个项目 注册Eureka:用于在Eureka服务器中注册我的服务 gatway Zuul:我实现了Zuul代理服务器、spring security和spring-security-oauth2。它工作正常,正在生成令牌,并成功地将请求转发给其他微服务 第三个微服务用于创建restful服务,它工作正常 问题:我需要在micorest项目控制员处获得登录的
@RequestMapping(value = "/user", method = RequestMethod.GET)
public User getUser(Principal principal)
{
try
{
System.out.println("fine here mueraza"+principal.getName());
}
catch(Exception e) {
System.out.println("fine here mueraza===========principal is null==============");
}
return new User();
}
我使用Principal获取值,但它始终为null
@SpringBootApplication
@EnableDiscoveryClient
@EnableZuulProxy
public class GatewayZullApplication {
public static void main(String[] args) {
SpringApplication.run(GatewayZullApplication.class, args);
}
}
Aouth2配置
@Configuration
@EnableOAuth2Client
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
private static String REALM="microclient";
private static final int ONE_DAY = 60 * 60 * 24;
private static final int THIRTY_DAYS = 60 * 60 * 24 * 30;
@Autowired
private TokenStore tokenStore;
@Autowired
private UserApprovalHandler userApprovalHandler;
@Autowired
@Qualifier("authenticationManagerBean")
private AuthenticationManager authenticationManager;
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient("microclient")
.secret("{noop}secret")
.authorizedGrantTypes("password", "refresh_token")
.authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
.scopes("read", "write", "trust")
//.accessTokenValiditySeconds(ONE_DAY)
.accessTokenValiditySeconds(6000)
.refreshTokenValiditySeconds(THIRTY_DAYS);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.tokenStore(tokenStore).userApprovalHandler(userApprovalHandler)
.authenticationManager(authenticationManager);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
oauthServer.realm(REALM);
}
}
您可以从Jwt令牌获取委托人。 将用户实体加载到Jwt令牌声明中 如果需要从任何服务访问用户实体详细信息:
供您参考:我只是起诉oauth2而不是jwt是否有其他解决方案来解析oath2 tocken