spring 安全性:@EnableResourceServer 与 oauth2ResourceServer()
spring security: @EnableResourceServer vs oauth2ResourceServer()
使用@EnableResourceServer和使用HttpSecurity.oauth2ResourceServer()有什么区别?我为什么要使用其中之一?
@EnableResourceServer 是来自 Spring 安全 OAuth 项目的注释,该项目正在被 Spring Security 5. In essence, it loads ResourceServerConfiguration, which extends WebSecurityConfigurerAdapter and configures it, creating a filter chain that gives your application resource server functionality. Check out the docs or its source code 中的新 OAuth 功能所取代以获取更多信息。
http.oauth2ResourceServer() 在创建过滤器的当前 Spring Security 5 reference and is the way to go. It creates a BearerTokenAuthenticationFilter that intercepts requests, extracts any Bearer Tokens and attempts to authenticate. For more details, check out the source code for the filter or for the configurer 中。
使用@EnableResourceServer和使用HttpSecurity.oauth2ResourceServer()有什么区别?我为什么要使用其中之一?
@EnableResourceServer 是来自 Spring 安全 OAuth 项目的注释,该项目正在被 Spring Security 5. In essence, it loads ResourceServerConfiguration, which extends WebSecurityConfigurerAdapter and configures it, creating a filter chain that gives your application resource server functionality. Check out the docs or its source code 中的新 OAuth 功能所取代以获取更多信息。
http.oauth2ResourceServer() 在创建过滤器的当前 Spring Security 5 reference and is the way to go. It creates a BearerTokenAuthenticationFilter that intercepts requests, extracts any Bearer Tokens and attempts to authenticate. For more details, check out the source code for the filter or for the configurer 中。