# Using Sureness to Secure a Micronaut REST API
Use Sureness to secure a Micronaut REST API by providing authentication (JWT, Basic, Digest) and authorization (RBAC).
## What You Will Learn
* Creating a simple REST API using Micronaut
* Integrating Sureness into a Micronaut application
* Testing API authentication - use JWT Auth, Basic Auth, Digest Auth to test the security of the REST API
* Testing API authorization - use different users to verify that they can access the REST API

The tutorial assumes that you know what JWT, Basic Auth, Digest Auth and RBAC are. If you
do not, you can check [jwt](https://jwt.io/introduction/), [basic auth](https://docs.oracle.com/cd/E50612_01/doc.11122/user_guide/content/authn_http_basic.html), [digest auth](https://docs.oracle.com/cd/E50612_01/doc.11122/user_guide/content/authn_http_digest.html), [rbac](https://en.wikipedia.org/wiki/Role-based_access_control) for an introduction.
## Setting Up Dependencies
First, you will need to create a Maven project and add the Micronaut and Sureness dependency coordinates.
````xml
<properties>
    <release.version>8</release.version>
    <maven.compiler.source>1.8</maven.compiler.source>
    <maven.compiler.target>1.8</maven.compiler.target>
    <packaging>jar</packaging>
    <jdk.version>1.8</jdk.version>
    <micronaut.version>2.4.3</micronaut.version>
    <micronaut-maven-plugin.version>1.1.8</micronaut-maven-plugin.version>
    <maven-compiler-plugin.version>3.8.1</maven-compiler-plugin.version>
    <exec.mainClass>com.usthe.sureness.micronaut.Application</exec.mainClass>
    <micronaut.runtime>netty</micronaut.runtime>
</properties>

<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>io.micronaut</groupId>
            <artifactId>micronaut-bom</artifactId>
            <version>${micronaut.version}</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>

<dependencies>
    <dependency>
        <groupId>org.slf4j</groupId>
        <artifactId>slf4j-simple</artifactId>
        <version>1.7.30</version>
    </dependency>
    <dependency>
        <groupId>com.usthe.sureness</groupId>
        <artifactId>sureness-core</artifactId>
    </dependency>
    <dependency>
        <groupId>io.micronaut</groupId>
        <artifactId>micronaut-inject</artifactId>
        <scope>compile</scope>
    </dependency>
    <dependency>
        <groupId>io.micronaut</groupId>
        <artifactId>micronaut-validation</artifactId>
        <scope>compile</scope>
    </dependency>
    <dependency>
        <groupId>ch.qos.logback</groupId>
        <artifactId>logback-classic</artifactId>
        <scope>runtime</scope>
    </dependency>
    <dependency>
        <groupId>org.junit.jupiter</groupId>
        <artifactId>junit-jupiter-api</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.junit.jupiter</groupId>
        <artifactId>junit-jupiter-engine</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>io.micronaut.test</groupId>
        <artifactId>micronaut-test-junit5</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>io.micronaut</groupId>
        <artifactId>micronaut-http-client</artifactId>
        <scope>compile</scope>
    </dependency>
    <dependency>
        <groupId>io.micronaut</groupId>
        <artifactId>micronaut-http-server-netty</artifactId>
        <scope>compile</scope>
    </dependency>
    <dependency>
        <groupId>io.micronaut</groupId>
        <artifactId>micronaut-runtime</artifactId>
        <scope>compile</scope>
    </dependency>
</dependencies>

<build>
    <plugins>
        <plugin>
            <groupId>io.micronaut.build</groupId>
            <artifactId>micronaut-maven-plugin</artifactId>
            <version>${micronaut-maven-plugin.version}</version>
        </plugin>
        <plugin>
            <groupId>org.apache.maven.plugins</groupId>
            <artifactId>maven-compiler-plugin</artifactId>
            <version>${maven-compiler-plugin.version}</version>
            <configuration>
                <annotationProcessorPaths combine.children="append">
                    <path>
                        <groupId>io.micronaut</groupId>
                        <artifactId>micronaut-inject-java</artifactId>
                        <version>${micronaut.version}</version>
                    </path>
                    <path>
                        <groupId>io.micronaut</groupId>
                        <artifactId>micronaut-validation</artifactId>
                        <version>${micronaut.version}</version>
                    </path>
                </annotationProcessorPaths>
                <compilerArgs>
                    <arg>-Amicronaut.processing.group=com.usthe.sureness</arg>
                    <arg>-Amicronaut.processing.module=micronaut-sureness</arg>
                </compilerArgs>
            </configuration>
        </plugin>
    </plugins>
</build>
````
- [User Guide](https://docs.micronaut.io/2.4.3/guide/index.html)
- [API Reference](https://docs.micronaut.io/2.4.3/api/index.html)
- [Configuration Reference](https://docs.micronaut.io/2.4.3/guide/configurationreference.html)
- [Micronaut Guides](https://guides.micronaut.io/index.html)

We need to create a simple Micronaut app and provide some REST APIs for testing.
## Setting Up Sureness
#### 1. Run Micronaut Application
```java
import io.micronaut.runtime.Micronaut;

public class Application {

    public static void main(String[] args) {
        Micronaut.run(Application.class, args);
    }
}
```
#### 2. Config Document Datasource - `sureness.yml`
Sureness authentication requires us to provide our own account data and role permission data. This data may come from documents, databases, annotations, etc. With the default Sureness configuration, the data source is a document: `sureness.yml`.

Create a file named `sureness.yml` in the `resource` directory and configure the account data and role permission data in it. For example:
````yaml
## -- sureness.yml document dataSource -- ##

# API resources that need to be protected, with the roles that can access each of them.
# Resources that are not configured are also authenticated and protected by default, but not authorized.
# eg: /api/v2/host===post===[role2,role3] means /api/v2/host===post can be accessed by role2 and role3
# eg: /api/v1/source2===get===[] means /api/v1/source2===get cannot be accessed by any role
resourceRole:
  - /api/v1/source1===get===[role2]
  - /api/v1/source1===post===[role1]
  - /api/v1/source1===delete===[role3]
  - /api/v1/source1===put===[role1,role2]
  - /api/v1/source2===get===[]
  - /api/v2/host===post===[role2,role3]
  - /api/v2/host===get===[role2,role3]
  - /api/v2/host===delete===[role2,role3]
  - /api/v2/host===put===[role2,role3]
  - /api/v3/*===*===[role1,role2,role3]

# API resources that do not need to be protected, which means they are excluded.
# These API resources can be accessed by everyone.
excludedResource:
  - /api/v3/host===get
  - /**/*.html===get
  - /**/*.js===get
  - /**/*.css===get
  - /**/*.ico===get

# account info
# there are three accounts: admin, root, tom
# eg: admin has [role1,role2] roles, unencrypted password is admin, encrypted password is 0192023A7BBD73250516F069DF18B500
# eg: root has role1, unencrypted password is 23456
# eg: tom has role3, unencrypted password is 32113
account:
````
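
The access decision that the `resourceRole` and `excludedResource` entries above encode, as an added Java example that is not Sureness's own matcher code. The class and method names are hypothetical, and it assumes that exclusions are checked first, that the first matching rule wins, and that `*` matches within one path segment while `**` spans segments.

```java
import java.util.*;
import java.util.regex.Pattern;

public class ResourceRoleDemo {
    enum Decision { PUBLIC, AUTHENTICATED_ONLY, ALLOWED, DENIED }

    // Assumed wildcard semantics: "**" spans path segments, "*" stays inside one.
    static Pattern toRegex(String glob) {
        StringBuilder re = new StringBuilder();
        for (int i = 0; i < glob.length(); i++) {
            char c = glob.charAt(i);
            if (c != '*') { re.append(Pattern.quote(String.valueOf(c))); continue; }
            boolean dbl = glob.startsWith("**", i);
            re.append(dbl ? ".*" : "[^/]*");
            if (dbl) i++;
        }
        return Pattern.compile(re.toString());
    }

    // rule is "path===method" or "path===method===[roles]"; method "*" matches any verb.
    static boolean matches(String rule, String path, String method) {
        String[] f = rule.split("===");
        return toRegex(f[0]).matcher(path).matches()
                && (f[1].equals("*") || f[1].equalsIgnoreCase(method));
    }

    static Decision decide(List<String> resourceRole, List<String> excluded,
                           String path, String method, Set<String> userRoles) {
        for (String e : excluded)                 // assumption: exclusions are checked first
            if (matches(e, path, method)) return Decision.PUBLIC;
        for (String r : resourceRole) {           // assumption: first matching rule wins
            if (!matches(r, path, method)) continue;
            String roles = r.split("===")[2];     // "[role1,role2]" or "[]"
            for (String role : roles.substring(1, roles.length() - 1).split(","))
                if (userRoles.contains(role.trim())) return Decision.ALLOWED;
            return Decision.DENIED;               // "[]" always ends here
        }
        return Decision.AUTHENTICATED_ONLY;       // unconfigured: login required, no role check
    }

    public static void main(String[] args) {
        List<String> resourceRole = Arrays.asList(   // subset of the rules in sureness.yml above
                "/api/v1/source1===get===[role2]", "/api/v1/source2===get===[]",
                "/api/v3/*===*===[role1,role2,role3]");
        List<String> excluded = Arrays.asList("/api/v3/host===get", "/**/*.html===get");
        Set<String> tom = Collections.singleton("role3");   // tom has role3
        String[][] requests = { {"/api/v1/source1", "get"}, {"/api/v1/source2", "get"},
                {"/api/v3/host", "get"}, {"/api/v3/host", "post"}, {"/api/v9/other", "get"} };
        for (String[] q : requests)
            System.out.println(q[1] + " " + q[0] + " -> " + decide(resourceRole, excluded, q[0], q[1], tom));
    }
}
```

The last request shows the default the config comments describe: a path with no rule still requires a valid login, but any authenticated account passes, so sensitive endpoints need an explicit `resourceRole` entry.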
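Background: In mainstream architectures that separate front end and back end, protecting the RESTful APIs provided by the back end through effective and fast authentication and authorization has become especially important. Among existing frameworks, neither Apache Shiro, which does not natively support REST, nor Spring Security, which is deeply bound to Spring, slower, and has a steep learning curve, is quite our ideal. So Sureness was born. Sureness provides an authentication and authorization framework that is oriented to RESTful APIs, has no framework dependency, allows permissions to be modified dynamically, supports multiple authentication strategies, is faster, and is easy to use and extend.

Introduction: Sureness is a newly designed and developed authentication and authorization framework that draws on some of the strengths of Apache Shiro after in-depth use of that framework. It provides authentication and authorization for RESTful APIs, is based on RBAC (user-role-resource), and focuses mainly on the security protection of RESTful APIs. No dependency on a specific framework (in essence it intercepts and decides at a filter; integration samples already exist for Spring Boot, Quarkus, Javalin, Ktor, etc.) Supports dynamic modification of the permission configuration (dynamically changing who has access to each REST API) Supports the mainstream HTTP containers Servlet and JAX-RS Supports multiple authentication strategies, JWT, Basic Auth,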