當(dāng)前位置：首頁 > news >正文

建站之星怎么用國外網(wǎng)站搭建

news 2025/7/2 22:04:52

建站之星怎么用,國外網(wǎng)站搭建,游戲公司怎么注冊,云南推廣由于網(wǎng)上博客大部分都只有登陸沒有退出，自己花了一些時(shí)間研究了一下，這里將相關(guān)內(nèi)容進(jìn)行記錄，基于Keyclaok 20的版本，實(shí)現(xiàn)springboot服務(wù)單點(diǎn)登錄與退出一、依賴  <dependencyManagement><d…

由于網(wǎng)上博客大部分都只有登陸沒有退出，自己花了一些時(shí)間研究了一下，這里將相關(guān)內(nèi)容進(jìn)行記錄，基于Keyclaok 20的版本，實(shí)現(xiàn)springboot服務(wù)單點(diǎn)登錄與退出

一、依賴

<!-- 在父工程中 -->
<dependencyManagement><dependencies><!-- 導(dǎo)入依賴 --><dependency><groupId>org.keycloak.bom</groupId><artifactId>keycloak-adapter-bom</artifactId><version>22.0.1</version><type>pom</type><scope>import</scope></dependency></dependencies>
</dependencyManagement><!-- 在子工程中 -->
<dependencies><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-security</artifactId></dependency><dependency><groupId>org.keycloak</groupId><artifactId>keycloak-spring-boot-starter</artifactId></dependency><dependency><groupId>org.keycloak</groupId><artifactId>keycloak-spring-security-adapter</artifactId></dependency>
</dependencies>

二、keycloak配置

這個(gè)是主要的，用設(shè)置攔截器實(shí)現(xiàn)登陸與退出

package com.example.basic.conf;import org.keycloak.KeycloakPrincipal;
import org.keycloak.KeycloakSecurityContext;
import org.keycloak.adapters.springboot.KeycloakSpringBootConfigResolver;
import org.keycloak.adapters.springsecurity.KeycloakConfiguration;
import org.keycloak.adapters.springsecurity.account.SimpleKeycloakAccount;
import org.keycloak.adapters.springsecurity.authentication.KeycloakAuthenticationProvider;
import org.keycloak.adapters.springsecurity.config.KeycloakWebSecurityConfigurerAdapter;
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
import org.springframework.security.core.session.SessionRegistryImpl;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;@KeycloakConfiguration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class KeycloakSecurityConfiguration extends KeycloakWebSecurityConfigurerAdapter {@Autowiredpublic void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());auth.authenticationProvider(keycloakAuthenticationProvider);}@Bean@Overrideprotected SessionAuthenticationStrategy sessionAuthenticationStrategy() {return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());}@Beanpublic org.keycloak.adapters.KeycloakConfigResolver KeycloakConfigResolver() {return new KeycloakSpringBootConfigResolver();}@Overrideprotected void configure(HttpSecurity http) throws Exception {super.configure(http);http.logout()//攔截logout請求.logoutRequestMatcher(new AntPathRequestMatcher("/logout")).addLogoutHandler(keycloakLogoutHandler()).logoutSuccessHandler(logoutSuccessHandler()).deleteCookies("JSESSIONID").and()//設(shè)置哪些可以忽略掉授權(quán).authorizeRequests().antMatchers("/user/login", "/token/generate","/access/**", "/js/**","/css/**","/fonts/**", "/index.html", "/error").permitAll()//除了上面忽略掉授權(quán)請求，剩下所有必須經(jīng)過授權(quán)才可以訪問.antMatchers("/**").authenticated().and().cors().and().csrf().disable();}//處理logout自動(dòng)跳轉(zhuǎn)請求private LogoutSuccessHandler logoutSuccessHandler() {return new LogoutSuccessHandler() {@Overridepublic void onLogoutSuccess(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse, Authentication authentication)throws IOException, ServletException {KeycloakAuthenticationToken keycloakAuthenticationToken = (KeycloakAuthenticationToken)authentication;KeycloakSecurityContext keycloakSecurityContext =keycloakAuthenticationToken.getAccount().getKeycloakSecurityContext();String idTokenHint = keycloakSecurityContext.getIdTokenString();String issuer = keycloakSecurityContext.getIdToken().getIssuer();String keycloakBaseUrl = issuer + "/protocol/openid-connect/logout";String postLogoutRedirectUri = httpServletRequest.getScheme() + "://" + httpServletRequest.getHeader("host");String logoutUrl = keycloakBaseUrl + "?post_logout_redirect_uri=" + postLogoutRedirectUri + "&id_token_hint=" + idTokenHint;// Do logout by redirecting to Keycloak logouthttpServletResponse.sendRedirect(logoutUrl);}};}
}

查看全文

http://www.risenshineclean.com/news/33429.html

中文亚洲精品无码_熟女乱子伦免费_人人超碰人人爱国产_亚洲熟妇女综合网

建站之星怎么用國外網(wǎng)站搭建

相關(guān)文章：