只要授权服务器和资源服务器访问共享
tokenStore(例如,
JdbcTokenStore与common一起使用
dataSource),就可以这样做。您可以仅使用
DefaultTokenServices对您的shared的引用
tokenStore。下面是一个示例Spring配置,您应该可以对其进行调整以适合您的需求:
<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security" xmlns:oauth2="http://www.springframework.org/schema/security/oauth2" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2.xsd"><bean id="tokenStore" > <constructor-arg name="dataSource" ref="dataSource" /></bean><bean id="tokenServices" > <property name="tokenStore" ref="tokenStore" /></bean><bean id="authenticationEntryPoint" > <property name="realmName" value="myRealm" /></bean><bean id="oauthAccessDeniedHandler" /><bean id="accessDecisionManager" > <constructor-arg> <list> <bean /> <bean /> <bean /> </list> </constructor-arg></bean><!-- This is not actually used, but it's required by Spring Security --><security:authentication-manager alias="authenticationManager" /><oauth2:expression-handler id="oauthexpressionHandler" /><oauth2:web-expression-handler id="oauthWebexpressionHandler" /><security:global-method-security pre-post-annotations="enabled" proxy-target-> <security:expression-handler ref="oauthexpressionHandler" /></security:global-method-security><oauth2:resource-server id="myResource" resource-id="myResourceId" token-services-ref="tokenServices" /><security:http pattern="/myPattern/**" create-session="never" entry-point-ref="authenticationEntryPoint" access-decision-manager-ref="accessDecisionManager"> <security:anonymous enabled="false" /> <security:intercept-url pattern="/**" access="SCOPE_READ" method="GET" /> <security:intercept-url pattern="/**" access="SCOPE_READ" method="HEAD" /> <security:intercept-url pattern="/**" access="SCOPE_READ" method="OPTIONS" /> <security:intercept-url pattern="/**" access="SCOPE_WRITE" method="PUT" /> <security:intercept-url pattern="/**" access="SCOPE_WRITE" method="POST" /> <security:intercept-url pattern="/**" access="SCOPE_WRITE" method="DELETE" /> <security:custom-filter ref="myResource" before="PRE_AUTH_FILTER" /> <security:access-denied-handler ref="oauthAccessDeniedHandler" /> <security:expression-handler ref="oauthWebexpressionHandler" /></security:http></beans>
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)