Comments (13)
请按以下模板补充问题
1、问题描述
2、日志/堆栈信息
Just paste your stack trace here!
4、是否对工程进行修改,请说明修改内容
5、环境信息
- Lion Version:
- Java Version:
- OS:
- Other:
from lion.
请按以下模板补充问题
1、问题描述
启动网关,认证中心,然后进行授权码模式访问。访问过程中发现跳转到默认的登录页面后,登录成功,进入404,没有重定向至授权码的页面
2、日志/堆栈信息
Just paste your stack trace here!
4、是否对工程进行修改,请说明修改内容
5、环境信息
Lion Version: 最新版本
Java Version: 11
OS:
Other:windows
from lion.
目前版本仅可采用密码模式(password),授权码模式(authorization_code)无法访问问题将在下个版本修复,该问题临时处理方式可参考以下步骤
@Configuration
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
@Autowired
private RedisConnectionFactory redisConnectionFactory;
@Value("#{'${pattern.permit.urls:}'}")
private String[] permitUrls;
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
resources
.tokenStore(new RedisTokenStore(redisConnectionFactory))
.authenticationEntryPoint(new CustomAuthenticationEntryPoint())
.accessDeniedHandler(new CustomAccessDeniedHandler());
}
@Override
public void configure(HttpSecurity http) throws Exception {
String[] excludeUrls = ArrayUtils.addAll(SecurityConstant.PATTERN_URLS, permitUrls);
http
.cors()
.and()
.csrf().disable()
.requestMatchers().antMatchers("/api/**")
.and()
.authorizeRequests()
.antMatchers(excludeUrls).permitAll()
.anyRequest().authenticated();
}
}
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsServiceImpl userDetailsService;
@Bean
public PasswordEncoder passwordEncoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(userDetailsService)
.passwordEncoder(passwordEncoder());
}
}
from lion.
从认证中心发起ok,授权码模式验证通过。
从网关发起之后,登录之后,404。我这边已经解决~
需要在路由中配置一下oauth的跳转,不知道大佬还有什么好的解决方案?
from lion.
在路由中如何配置的oauth跳转?
from lion.
from lion.
无需配置多个路由规则,网关跳转404问题已经修复,下个版本会一起发布
from lion.
好的,大概啥时候发版本~
from lion.
bugfix: since 2.0.3
from lion.
网关发起还是有这个问题,最新代码测试~
认证中心ok~
from lion.
@micyo202 授权码登录好像有些不对, 跳转到登录页面的地址是权限认证服务的地址, 应该跳转到网关地址才行吧.
from lion.
是指网关发起授权认证,跳转登录页面会重定向到auth服务的URL吗?
若想保证重定向依然在网关内地址,可采用 @qiaoqiao888 提供的配置多个路由规则方法:(https://github.com/micyo202/lion/issues/6#issuecomment-610265069)
将登录/授权重定向的url配置在gateway网关服务的路由规则里即可,在application.yml中增加配置如下,如下所示
- id: lion-auth-login
uri: lb://lion-auth
predicates:
- Path=/login
filters:
- PreserveHostHeader
- id: lion-auth-authorize
uri: lb://lion-auth
predicates:
- Path=/oauth/authorize
filters:
- PreserveHostHeader
from lion.
@micyo202 是的. 谢谢, 我去试试
from lion.
Related Issues (16)
- 说好滴区块链呢 HOT 1
- jwt token 生成方式 HOT 3
- 登录响应
- English translations for the repository documentation and README
- 微服务模块发布的RESTful接口,应该从哪里开始访问? HOT 1
- 微服务内部大规模调用 ,会出现报错 HOT 1
- 数据库lion的角色默认密码是多少哦 HOT 2
- 分布锁 HOT 1
- 没有交流群吗 HOT 1
- 关于鉴权问题 HOT 2
- springboot admin和gateway通信端口超时,有交流群吗
- master 分支feign调用失败 HOT 4
- 详见 https://github.com/micyo202/lion/issues/6#issue-592669400 HOT 1
- 问题请教:为什么auth模块不同样开发为privider、consumer模式? HOT 7
- 使用方式请教 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lion.