Spring security @EnableResourceServer:映射角色
如何在资源服务器中映射角色 我在Spring Boot中创建了我认为最简单的资源服务器实现: Application.javaSpring security @EnableResourceServer:映射角色,spring-security,jwt,spring-security-oauth2,Spring Security,Jwt,Spring Security Oauth2,如何在资源服务器中映射角色 我在Spring Boot中创建了我认为最简单的资源服务器实现: Application.java @SpringBootApplication @RestController @EnableResourceServer public class Application { public static void main(String[] args) { SpringApplication.run(Application.class, args
@SpringBootApplication
@RestController
@EnableResourceServer
public class Application {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
@RequestMapping(value = "/user")
public Principal user(Principal principal) {
return principal;
}
}
security.oauth2.resource.user-info-uri=myUserInfoUri
security.oauth2.client.client-id=myId
security.oauth2.client.client-secret=mySecret
...
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
</dependency>
</dependencies>
如何从令牌中提取所需信息?我已通过在KeyClope客户端中创建令牌映射器解决了这个问题。 在我的示例中,映射器具有以下参数:
- 姓名:当局
- 映射器类型:用户域角色
- 令牌声明名称:authorities
- 添加到访问令牌:打开
- 添加到userinfo:on
詹皮耶罗 你能发一段代码吗?我有一个有效的解决方案,但忘了张贴,但鉴于你先回答,我给你一个正确答案的机会才是公平的!如果没有,我将在一周内发布解决方案。@andy-n我没有任何代码,只是在Keyclope admin console.Ahhh中编辑了客户端。好的,对不起,没说到点子上。因为JWT令牌上的属性是“authorities”,所以Spring Boot会自动获取它。回答得好!
...
"userAuthentication": {
"authorities": [
{
"authority": "ROLE_USER"
}
],
"details": {
"sub": "93f566bd-df68-4c68-b3c6-0173c476bc02",
"name": "Andrew Neeson",
"preferred_username": "andy",
"given_name": "Andrew",
"family_name": "Neeson",
...
...
"realm_access": {
"roles": [
"role_1",
"role_2"
]
},
"resource_access": {
"account": {
"roles": [
"manage-account",
"view-profile"
]
}
},
"name": "Andrew Neeson",
"preferred_username": "andy",
"given_name": "Andrew",
"family_name": "Neeson",
...