【发布时间】:2020-10-16 18:52:21
【问题描述】:
这是我上一堂课
@EnableResourceServer 已弃用,ResourceServerConfigurerAdapter
@Configuration
@EnableResourceServer (depreciated)
@Import(SecurityProblemSupport.class)
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
@Profile("no-security")
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter (depreciated) {
private final SecurityProblemSupport problemSupport;
private final String name;
@Autowired
public ResourceServerConfiguration(
SecurityProblemSupport problemSupport, @Value("${spring.application.name}") String name) {
this.problemSupport = problemSupport;
this.name = name;
}
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
resources.authenticationEntryPoint(problemSupport);
resources.accessDeniedHandler(problemSupport);
resources.resourceId(name);
}
@Override
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/api/**")
.authenticated()
.antMatchers("/api/config")
.permitAll()
.antMatchers("/**")
.permitAll();
}
}
我应该如何调整这个类以使用我升级的 Spring-security-oauth 2.4.1.RELEASE?
【问题讨论】:
-
Spring Security OAuth2 项目目前已被弃用,Spring Security 团队已决定不再为授权服务器提供支持。
-
@Amitkumar 这个问题是关于 Spring Security 完全支持的资源服务器。关于授权服务器,Spring Security 团队宣布了一个新的社区驱动项目,Spring Authorization Server
标签: spring-boot spring-security