The Role of security in microservices
User Authentication/AuthorizationSingle Sign onData SecurityInteroperability
OAuth2.0
Protocol for conveying authorizationProvides authorization flow for various clients Obtain limited access to user accountsSeparates idea of user and clientAccess token carries more than identityNot an authentication scheme
How Spring Supports OAuth2.0
Code annotationsToken storage optionsOAuth2.0endpoints Numberous extensibility points
ref :
https://docs.spring.io/spring-security/site/docs/4.2.3.RELEASE/reference/htmlsingle/#jc-method
https://projects.spring.io/spring-security-oauth/docs/oauth2.html
http://www.ruanyifeng.com/blog/2014/05/oauth_2_0.html // 阮一峰
http://www.rfcreader.com/#rfc6749
转载于:https://www.cnblogs.com/shouwangzhe-/p/7834880.html