Springboot 3 + Spring Security 6 + OAuth2 入门级最佳实践
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.oauth2ResourceServer()
.jwt();
}
}
这个配置类扩展了WebSecurityConfigurerAdapter
,并覆盖了configure
方法来配置Spring Security。它使用了OAuth2资源服务器支持来配置Spring Security,使其能够验证JWT令牌。这是一个典型的Spring Security配置,用于保护Spring Boot应用程序的资源。
评论已关闭