To implement authentication and authorization control, we will use Spring Cloud Security and the OAuth2 standard to secure Spring-based services.

OAuth2 overview

OAuth2 is a token-based security framework that allows users to authenticate using third-party authentication services. It breaks security down into four components:

  • Protected resource
  • Resource owner
  • The application
  • The OAuth2 authentication server

The OAuth2 specification defines the following four types of authorization grant:

  • Password
  • Client credentials
  • Authorization code
  • Implicit

1. What is Spring Security?

Spring Security is a powerful and customizable authentication and authorization control framework, designed to provide authentication and authorization management for Java applications.

Authentication: Verifies whether the current user is a legitimate subject in the system, that is, whether the user can access the system. User authentication generally requires a user to enter a user name and password. The system verifies the user name and password to complete the authentication process.

Authorization: Verifies whether a user has the permission to perform certain operations. Different users in the system have different permissions. The system assigns different roles to different users, and each role has a series of system resource permissions.
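
The authentication/authorization split described above, shown as a Spring Security configuration. This is an added example, not code from the original article; it assumes Spring Security 6.x in a Spring Boot MVC application, uses HTTP Basic rather than OAuth2 tokens to keep the two steps visible, and the class name, paths, user names and passwords are hypothetical.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class DemoSecurityConfig { // hypothetical class name

    @Bean
    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            // Authorization: each role is granted access to a set of resources.
            .authorizeHttpRequests(auth -> auth
                .requestMatchers("/orders/**").hasAnyRole("USER", "ADMIN")
                .requestMatchers("/admin/**").hasRole("ADMIN")
                // Anything not explicitly granted is refused (default deny).
                .anyRequest().denyAll())
            // Authentication: user name and password sent via HTTP Basic.
            .httpBasic(Customizer.withDefaults());
        return http.build();
    }

    @Bean
    PasswordEncoder passwordEncoder() {
        // Stores passwords as "{bcrypt}..." hashes, never as plain text.
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }

    @Bean
    UserDetailsService users(PasswordEncoder encoder) {
        // Constructed demo accounts; a real service would use a user store.
        return new InMemoryUserDetailsManager(
            User.withUsername("alice").password(encoder.encode("alice-demo-pw"))
                .roles("USER").build(),
            User.withUsername("bob").password(encoder.encode("bob-demo-pw"))
                .roles("USER", "ADMIN").build());
    }
    // GET /orders/1 without credentials -> 401 (authentication fails)
    // GET /admin/users as alice         -> 403 (authenticated, not authorized)
    // GET /admin/users as bob           -> request reaches the controller
}
```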
