sureness认证鉴权框架.rar_添加sureness鉴权资源-CSDN文库

共610个文件

java：217个

md：125个

png：110个

restful

apache

spring

boot

需积分: 5 99 浏览量 2023-07-11 22:17:07 上传评论收藏 4.73MB RAR 举报

资源推荐

资源详情

资源评论

收起资源包目录

sureness认证鉴权框架.rar （610个子文件）

application.conf 167B

custom.css 8KB

navbar.css 3KB

styles.module.css 3KB

Robot.module.css 3KB

highlight.module.css 2KB

LogoCarousel.module.css 1KB

hero.css 653B

Section.module.css 366B

docsearch.css 339B

buttons.css 302B

Feature.module.css 198B

.dockerignore 75B

spring.factories 177B

Dockerfile.fast-jar 2KB

.gitignore 353B

.gitignore 308B

.gitignore 233B

.gitignore 46B

index.html 4KB

index.html 245B

TirePathTree.java 18KB

SurenessAutoConfiguration.java 13KB

JsonWebTokenUtil.java 11KB

ClassScanner.java 11KB

SimulateController.java 8KB

TirePathTreeTest.java 7KB

SimulateController.java 7KB

DigestSubject.java 7KB

RoleController.java 6KB

DefaultPathRoleMatcher.java 5KB

SurenessConfiguration.java 5KB

DigestProcessor.java 5KB

SurenessFilter.java 5KB

SurenessFilterExample.java 5KB

SurenessSecurityManager.java 5KB

DefaultSurenessConfig.java 5KB

JwtSubject.java 5KB

SurenessConfiguration.java 5KB

SurenessFilterExample.java 5KB

PasswordSubject.java 5KB

CustomTokenSubject.java 5KB

SurenessSecurityManagerTest.java 5KB

Application.java 4KB

SessionSubject.java 4KB

AccountController.java 4KB

AccountServiceImpl.java 4KB

DigestSubjectServletCreator.java 4KB

CustomTokenProcessor.java 4KB

RoleServiceImpl.java 4KB

DigestSubjectSpringReactiveCreator.java 4KB

SurenessFilter.java 4KB

DigestSubjectJaxRsCreator.java 4KB

ResourceController.java 4KB

SurenessProperties.java 4KB

DocumentResourceDefaultProvider.java 4KB

DigestSubjectSolonCreator.java 4KB

DefaultPathRoleMatcherTest.java 4KB

SurenessConfiguration.java 4KB

AnnotationPathTreeProvider.java 4KB

SurenessConfiguration.java 4KB

SurenessFilter.java 4KB

GlobalExceptionHandler.java 4KB

SurenessConfiguration.java 4KB

JsonWebTokenUtilTest.java 4KB

XssSqlUtil.java 4KB

AuthResourceDaoTest.java 3KB

PasswordProcessor.java 3KB

SurenessCommonUtil.java 3KB

ServletUtil.java 3KB

SurenessConfiguration.java 3KB

AuthRoleResourceBindDaoTest.java 3KB

JwtProcessor.java 3KB

SinglePrincipalMap.java 3KB

BasicSubjectServletCreator.java 3KB

BasicSubjectSpringReactiveCreator.java 3KB

BasicSubjectReactiveCreator.java 3KB

ResourceServiceImpl.java 3KB

NoneSubject.java 3KB

SurenessFilter.java 3KB

DefaultProcessorManager.java 3KB

MicronautSurenessFilterExample.java 3KB

BasicSubjectJaxRsCreator.java 3KB

AuthUserRoleBindDaoTest.java 3KB

DocumentResourceAccess.java 3KB

SurenessFilterExample.java 3KB

SurenessSubjectFactoryTest.java 3KB

UserController.java 3KB

BasicSubjectReactiveCreator.java 3KB

SurenessSubjectSum.java 3KB

SurenessContextHolder.java 3KB

DefaultAccount.java 3KB

JwtSubjectSpringReactiveCreator.java 3KB

BasicSubjectSolonCreator.java 3KB

共 610 条

# Using Sureness to protect the security of micronaut REST API Using Sureness to secure micronaut REST API by providing authentication(JWT,Basic,Digest) and authorization(RBAC) ## What You Will Learn * Creating a simple REST API using micronaut * Learn how to integrate Sureness into a micronaut application * Test API authentication - use JWT Auth, Basic Auth, Digest Auth to test the security of the REST API * Test API authorization - use different users to verify that they can access the REST API The tutorial assumes that you know what JWT, Basic Auth, Digest Auth, RBAC are. If you do not, then you can check [jwt](https://jwt.io/introduction/), [basic auth](https://docs.oracle.com/cd/E50612_01/doc.11122/user_guide/content/authn_http_basic.html) , [digest auth](https://docs.oracle.com/cd/E50612_01/doc.11122/user_guide/content/authn_http_digest.html), [rbac](https://en.wikipedia.org/wiki/Role-based_access_control) for an introduction. ## Setting Up Dependencies First, you will need to create a maven project and add micronautn, Sureness dependencies coordinate ```` <properties> <release.version>8</release.version> <maven.compiler.source>1.8</maven.compiler.source> <maven.compiler.target>1.8</maven.compiler.target> <packaging>jar</packaging> <jdk.version>1.8</jdk.version> <micronaut.version>2.4.3</micronaut.version> <micronaut-maven-plugin.version>1.1.8</micronaut-maven-plugin.version> <maven-compiler-plugin.version>3.8.1</maven-compiler-plugin.version> <exec.mainClass>com.usthe.sureness.micronaut.Application</exec.mainClass> <micronaut.runtime>netty</micronaut.runtime> </properties> <dependencyManagement> <dependencies> <dependency> <groupId>io.micronaut</groupId> <artifactId>micronaut-bom</artifactId> <version>${micronaut.version}</version> <type>pom</type> <scope>import</scope> </dependency> </dependencies> </dependencyManagement> <dependencies> <dependency> <groupId>org.slf4j</groupId> <artifactId>slf4j-simple</artifactId> <version>1.7.30</version> </dependency> <dependency> <groupId>com.usthe.sureness</groupId> <artifactId>sureness-core</artifactId> </dependency> <dependency> <groupId>io.micronaut</groupId> <artifactId>micronaut-inject</artifactId> <scope>compile</scope> </dependency> <dependency> <groupId>io.micronaut</groupId> <artifactId>micronaut-validation</artifactId> <scope>compile</scope> </dependency> <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-classic</artifactId> <scope>runtime</scope> </dependency> <dependency> <groupId>org.junit.jupiter</groupId> <artifactId>junit-jupiter-api</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>org.junit.jupiter</groupId> <artifactId>junit-jupiter-engine</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>io.micronaut.test</groupId> <artifactId>micronaut-test-junit5</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>io.micronaut</groupId> <artifactId>micronaut-http-client</artifactId> <scope>compile</scope> </dependency> <dependency> <groupId>io.micronaut</groupId> <artifactId>micronaut-http-server-netty</artifactId> <scope>compile</scope> </dependency> <dependency> <groupId>io.micronaut</groupId> <artifactId>micronaut-runtime</artifactId> <scope>compile</scope> </dependency> </dependencies> <build> <plugins> <plugin> <groupId>io.micronaut.build</groupId> <artifactId>micronaut-maven-plugin</artifactId> <version>${micronaut-maven-plugin.version}</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-compiler-plugin</artifactId> <version>${maven-compiler-plugin.version}</version> <configuration> <annotationProcessorPaths combine.children="append"> <path> <groupId>io.micronaut</groupId> <artifactId>micronaut-inject-java</artifactId> <version>${micronaut.version}</version> </path> <path> <groupId>io.micronaut</groupId> <artifactId>micronaut-validation</artifactId> <version>${micronaut.version}</version> </path> </annotationProcessorPaths> <compilerArgs> <arg>-Amicronaut.processing.group=com.usthe.sureness</arg> <arg>-Amicronaut.processing.module=micronaut-sureness</arg> </compilerArgs> </configuration> </plugin> </plugins> </build> ```` - [User Guide](https://docs.micronaut.io/2.4.3/guide/index.html) - [API Reference](https://docs.micronaut.io/2.4.3/api/index.html) - [Configuration Reference](https://docs.micronaut.io/2.4.3/guide/configurationreference.html) - [Micronaut Guides](https://guides.micronaut.io/index.html) We need to create a simple micronautn app and provide some REST API for test. ## Setting Up Sureness #### 1.Run Micronaut Application ``` import io.micronaut.runtime.Micronaut; public class Application{ public static void main(String[] args) { Micronaut.run(Application.class, args); } } ``` #### 2. Config Document Datasource - `sureness.yml` Sureness authentication requires us to provide our own account data, role permission data. These data may come from document, databases,, annotations, etc. When we use sureness default configuration above, the datasource is document - `sureness.yml`. Create a file named `sureness.yml` in the `resource` directory. Configure account data, role permission data in the `sureness.yml`. eg: ````yaml ## -- sureness.yml document dataSource-- ## # load api resource which need be protected, config role who can access these resource. # resources that are not configured are also authenticated and protected by default, but not authorized # eg: /api/v2/host===post===[role2,role3] means /api/v2/host===post can be access by role2,role3 # eg: /api/v1/source2===get===[] means /api/v1/source2===get can not be access by any role resourceRole: - /api/v1/source1===get===[role2] - /api/v1/source1===post===[role1] - /api/v1/source1===delete===[role3] - /api/v1/source1===put===[role1,role2] - /api/v1/source2===get===[] - /api/v2/host===post===[role2,role3] - /api/v2/host===get===[role2,role3] - /api/v2/host===delete===[role2,role3] - /api/v2/host===put===[role2,role3] - /api/v3/*===*===[role1,role2,role3] # load api resource which do not need be protected, means them need be excluded. # these api resource can be access by everyone excludedResource: - /api/v3/host===get - /**/*.html===get - /**/*.js===get - /**/*.css===get - /**/*.ico===get # account info # there are three account: admin, root, tom # eg: admin has [role1,role2] ROLE, unencrypted password is admin, encrypted password is 0192023A7BBD73250516F069DF18B500 # eg: root has role1, unencrypted password is 23456 # eg: tom has role3, unencrypted password is 32113 account:

评论收藏

内容反馈