Home Java javaTutorial How to use Java to develop a single sign-on system based on Spring Security OAuth2

How to use Java to develop a single sign-on system based on Spring Security OAuth2

Sep 20, 2023 pm 01:06 PM
java oauth spring security

如何使用Java开发一个基于Spring Security OAuth2的单点登录系统

How to use Java to develop a single sign-on system based on Spring Security OAuth2

Introduction:
With the rapid development of the Internet, more and more websites and applications require users to log in, but users do not want to remember an account and password for each website or application. The Single Sign-On (SSO) system can solve this problem, allowing users to access multiple websites and applications without repeated authentication after logging in once. This article will introduce how to use Java to develop a single sign-on system based on Spring Security OAuth2 and provide specific code examples.

1. Preparation work:
Before starting development, we need to prepare some basic tools and environments:

  1. JDK 1.8 and above;
  2. Maven 3.0 and above;
  3. Development IDE, such as Eclipse, IntelliJ IDEA, etc.;
  4. An available MySQL database.

2. Create a Spring Boot project:
First, we need to create a Spring Boot project and add the required dependencies. Open Eclipse or IntelliJ IDEA, click "New", select "Spring Starter Project", and fill in the necessary information (such as project name, package name, etc.). Then, add the following dependencies to the project's pom.xml file:

<dependencies>
   <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-web</artifactId>
   </dependency>
   <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-security</artifactId>
   </dependency>
   <dependency>
       <groupId>org.springframework.security.oauth</groupId>
       <artifactId>spring-security-oauth2</artifactId>
       <version>2.3.4.RELEASE</version>
   </dependency>
   <!-- 添加其他需要的依赖 -->
</dependencies>
Copy after login

3. Configure Spring Security OAuth2:
Next, we need to configure the Spring Security OAuth2 module. Create a file named application.yml in the src/main/resources directory and add the following configuration information:

spring:
   security:
       oauth2:
           client:
               registration:
                   custom:
                       client-id: {your-client-id}
                       client-secret: {your-client-secret}
                       provider: custom
                       auth-uri: {authorization-uri}
                       token-uri: {token-uri}
                       user-info-uri: {user-info-uri}
                       redirect-uri: {redirect-uri}
                       scope: {scope-list}
               provider:
                   custom:
                       authorization-uri: {authorization-uri}
                       token-uri: {token-uri}
                       user-info-uri: {user-info-uri}
           resource:
               user-info-uri: {user-info-uri}
Copy after login

In the above configuration, {your-client-id}, {your-client-secret} , {authorization-uri}, {token-uri}, {user-info-uri}, {redirect-uri} and {scope-list} need to be replaced with actual values ​​respectively.

4. Create a login page:
Next, we need to create a login page for user login. Create a file named login.html in the src/main/resources/templates directory and add the following code:

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Login</title>
</head>
<body>
    <h2>Login</h2>
    <form method="post" action="/login">
        <div>
            <label for="username">Username:</label>
            <input type="text" id="username" name="username" />
        </div>
        <div>
            <label for="password">Password:</label>
            <input type="password" id="password" name="password" />
        </div>
        <button type="submit">Login</button>
    </form>
</body>
</html>
Copy after login

5. Create an authentication and authorization server:
Next, we need to create an An authentication server (Authorization Server) and an authorization server (Resource Server) handle user authentication and authorization. Create a Java class named SecurityConfig and add the following code:

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
   
   @Override
   protected void configure(HttpSecurity http) throws Exception {
      http.authorizeRequests().antMatchers("/login").permitAll().anyRequest().authenticated()
           .and().formLogin().loginPage("/login").permitAll()
           .and().logout().logoutSuccessUrl("/login?logout").permitAll();

      http.csrf().disable();
   }
   
   @Override
   protected void configure(AuthenticationManagerBuilder auth) throws Exception {
      auth.inMemoryAuthentication()
           .withUser("admin").password("{noop}admin").roles("ADMIN");
   }
}
Copy after login

6. Create a resource server:
Next, we need to create a resource server to protect our API. Create a Java class named ResourceServerConfig and add the following code:

@Configuration
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
   
   @Override
   public void configure(HttpSecurity http) throws Exception {
      http.authorizeRequests().antMatchers("/api/**").authenticated();
   }

}
Copy after login

7. Test single sign-on:
At this point, we have completed the development of the single sign-on system. We can run the application and log in by accessing the login page (http://localhost:8080/login) through the browser. After successful login, we can access other protected resources by adding Access Token in the request header.

Conclusion:
This article introduces how to use Java to develop a single sign-on system based on Spring Security OAuth2, and provides specific code examples. By using a single sign-on system, users can easily access multiple websites and applications without having to authenticate repeatedly. I hope this article can help readers better understand and apply the relevant knowledge of Spring Security OAuth2.

The above is the detailed content of How to use Java to develop a single sign-on system based on Spring Security OAuth2. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Square Root in Java Square Root in Java Aug 30, 2024 pm 04:26 PM

Guide to Square Root in Java. Here we discuss how Square Root works in Java with example and its code implementation respectively.

Perfect Number in Java Perfect Number in Java Aug 30, 2024 pm 04:28 PM

Guide to Perfect Number in Java. Here we discuss the Definition, How to check Perfect number in Java?, examples with code implementation.

Random Number Generator in Java Random Number Generator in Java Aug 30, 2024 pm 04:27 PM

Guide to Random Number Generator in Java. Here we discuss Functions in Java with examples and two different Generators with ther examples.

Weka in Java Weka in Java Aug 30, 2024 pm 04:28 PM

Guide to Weka in Java. Here we discuss the Introduction, how to use weka java, the type of platform, and advantages with examples.

Armstrong Number in Java Armstrong Number in Java Aug 30, 2024 pm 04:26 PM

Guide to the Armstrong Number in Java. Here we discuss an introduction to Armstrong's number in java along with some of the code.

Smith Number in Java Smith Number in Java Aug 30, 2024 pm 04:28 PM

Guide to Smith Number in Java. Here we discuss the Definition, How to check smith number in Java? example with code implementation.

Java Spring Interview Questions Java Spring Interview Questions Aug 30, 2024 pm 04:29 PM

In this article, we have kept the most asked Java Spring Interview Questions with their detailed answers. So that you can crack the interview.

Break or return from Java 8 stream forEach? Break or return from Java 8 stream forEach? Feb 07, 2025 pm 12:09 PM

Java 8 introduces the Stream API, providing a powerful and expressive way to process data collections. However, a common question when using Stream is: How to break or return from a forEach operation? Traditional loops allow for early interruption or return, but Stream's forEach method does not directly support this method. This article will explain the reasons and explore alternative methods for implementing premature termination in Stream processing systems. Further reading: Java Stream API improvements Understand Stream forEach The forEach method is a terminal operation that performs one operation on each element in the Stream. Its design intention is

See all articles