yangxiufeng666 / micro-service-skeleton Goto Github PK
View Code? Open in Web Editor NEW微服务开发基础框架
微服务开发基础框架
我在下了源码之后,用postman在调试http://localhost:9030/uaa/oauth/token
一直报下面的错误
{
"timestamp": 1539248009450,
"status": 401,
"error": "Unauthorized",
"message": "Bad credentials",
"path": "/oauth/token"
}
配置文件就是从这里git下来的,有人能帮我一下吗,详细说一下吗
关于上述问题,在fank 帮助下,已经解决了,主要原因就是这一次升级后数据库脚本发生很大变化,原来rc_开头的表,全部换成sys_开头了,另外,原来oauth_client_details 表 webApp那条记录密码由原来的webApp换成123456再加密的!在此感谢fank,同时在这里也提出下一个问题就是monitor那个工程现在是不是不能用了,一是pom.xml注了zipkin的全部,二是MonitorApplication的注解@EnableZipkinServer出错!
望各位同仁或已解决了朋友,提出指教一下!
您好,权限体系这块我看了您的实现方式,先获取用户role拥有的menu,再把menu的code放进去:
GrantedAuthority authority = new SimpleGrantedAuthority(menu.getCode());
grantedAuthorities.add(authority);
再跟requestURL对比,去判断是否有权限
antPathMatcher.match(authority.getAuthority(),requestUrl)
这个对比方式我不太理解工作的原理,是要求把menu和接口的地址写成一样的吗?
就是所有访问资源服务器的请求全部从zuul上过,然后zuul上继承Ouath2的登陆认证和授权,这种方案具备可行性吗?
RT.
你好,springboot版本更新到2.0.7无法正常运行,spring cloud版本和springboot的版本并不对应,切换到2.0.3即可正常
DROP TABLE IF EXISTS oauth_approvals
;
CREATE TABLE oauth_approvals
(
userId
varchar(256) DEFAULT NULL,
clientId
varchar(256) DEFAULT NULL,
scope
varchar(256) DEFAULT NULL,
status
varchar(10) DEFAULT NULL,
expiresAt
timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
lastModifiedAt
timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
[Err] 1067 - Invalid default value for 'lastModifiedAt'
sql导入报错!!!
请问APIGateway层是只有一个对所有平台接入么,还是一个平台一个APIGateway,每个都不同,比如app应用和后台管理平台应用是对于两个不同的APIGateway,然后做不同的权限验证逻辑
在Micro-Service-Skeleton-Gateway中有一段配置,如果是直接走网关user-info-uri: http://localhost:9030/uaa/user, 获取接口数据时显示的是invalid_token。
不走网关使用user-info-uri: http://localhost:9060/user 就是成功的,不知道有什么区别?
如果有多个Micro-Service-Skeleton-Auth服务,怎么实现高可用?难道要使用nginx进行代理吗?如果走网关应该是不需要的。
security:
oauth2:
resource:
#获得授权端的当前用户信息url
#user-info-uri: http://localhost:9030/uaa/user, 如果是这样就访问不了,不知道为啥子??
user-info-uri: http://localhost:9060/user
prefer-token-info: false
README的图片看不到
认证服务器存的也只是 存的rolecode
Result<List> roleResult = roleService.getRoleByUserId(userVo.getId());
if (roleResult.getCode() != 100){
List roleVoList = roleResult.getData();
for (RoleVo role:roleVoList){
//角色必须是ROLE_开头,可以在数据库中设置
GrantedAuthority grantedAuthority = new SimpleGrantedAuthority("ROLE_"+role.getValue());
grantedAuthorities.add(grantedAuthority);
//获取权限
Result<List> perResult = permissionService.getRolePermission(role.getId());
if (perResult.getCode() != 100){
List permissionList = perResult.getData();
for (MenuVo menu:permissionList
) {
GrantedAuthority authority = new SimpleGrantedAuthority(menu.getCode());
grantedAuthorities.add(authority);
}
}
而gateway
if (antPathMatcher.match(authority.getAuthority(),requestUrl))
代码格式太乱了,该对齐的没有对齐,看着太累
最新master 代码 已经跟oauth2没关系了啊,只看到了springframework.security,
文章开头的 基于OAUTH2.0统一认证授权的微服务基础架构 与代码不符?
url: localhost:9030/resource/getUser?access_token=eb765d62-f58c-4e7f-90d7-2f9ace5ec017
result: {"error":"access_denied","error_description":"Access is denied"}
求nacos配置
你好我把项目克隆下来,发现oauth2貌似没有客户端配置,请问这是什么原因?
请问sys_user表中的密码是多少?
http://localhost:9060/oauth/token?client_id=app&client_secret=app&grant_type=password&username=admin&password=123456
请求报错:
{
"error": "invalid_client",
"error_description": "Bad client credentials"
} 是什么问题?
您好,如果我有多个autherver ,那么客户端应该怎么配置呢?难道cloud内部也要架个nginx么。。。
使用10用户不断获取token,服务器cpu就爆满
刚学spring cloud,这个可以用来做APP后台吗?
请问webApp密码是多少
打开 Token 存入数据库
在启动项目的时候会报错
您好,我想问一下,资源服务被添加了安全限制之后,那么多个资源服务之间使用feign进行服务消费怎么办?会遇到401问题,这个怎么解决?
想知道到达gateway的请求是怎么转到auth的,这里没看见在gateway哪配置了
各个服务间调用的时候认证怎么弄啊大哥
我新下了代码后,在用postman进行http://localhost:9030/uaa/oauth/token时status=401,有人能说一下吗
{
"error": "access_denied",
"error_description": "Access is denied"
}
使用双节点是为了避免单点故障?
@OverRide
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
RcUserEntity userEntity = userService.findByUsername(username);
if (userEntity == null) {
throw new UsernameNotFoundException("用户:" + username + ",不存在!");
}
Set grantedAuthorities = new HashSet<>();
boolean enabled = true; // 可用性 :true:可用 false:不可用
boolean accountNonExpired = true; // 过期性 :true:没过期 false:过期
boolean credentialsNonExpired = true; // 有效性 :true:凭证有效 false:凭证无效
boolean accountNonLocked = true; // 锁定性 :true:未锁定 false:已锁定
List roleValues = roleService.getRoleValuesByUserId(userEntity.getId());
for (RcRoleEntity role:roleValues){
//角色必须是ROLE_开头,可以在数据库中设置
GrantedAuthority grantedAuthority = new SimpleGrantedAuthority("ROLE_"+role.getValue());
grantedAuthorities.add(grantedAuthority);
//获取权限
List permissionList = permissionService.getPermissionsByRoleId(role.getId());
for (RcMenuEntity menu:permissionList
) {
GrantedAuthority authority = new SimpleGrantedAuthority(menu.getCode());
grantedAuthorities.add(authority);
}
}
User user = new User(userEntity.getUsername(), userEntity.getPassword(),
enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, grantedAuthorities);
return user;
}
这一块,请问作者具体是在哪里相关联的,假设我想设置授权给其它应用的访问权限跟自己网站不一样,请问该怎么配置呢?可以加个联系方式吗?
无测试问题,对于url的拦截有问题
application.yml #注释有乱码
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.