First, I will give you the basic concepts, then the session-based authentication method, and then I will take you to quickly get started with Spring Security, and then go back to give you a detailed explanation of the Spring Security application, then the distributed system authentication scheme and OAuth2.0, and finally It is Spring Security that implements distributed system authorization!
The following will take you to learn in detail!
first part
RBAC resource-based access control (Resource-Based Access Control) is authorized by resources (or permissions), for example: users must have the permission to query salary to query employee salary information, etc.
the second part
The purpose of authentication is to protect system resources. Every time a resource is accessed, the system must know who is accessing the resource in order to legally intercept the request. Therefore, after the authentication is successful, the user information of the successfully authenticated user is generally put into the Session. In subsequent requests, the system can obtain the current user from the Session, and implement the session mechanism in this way.
the third part
Through a quick start, we use Spring Security to implement authentication and authorization. Spring Security provides authentication methods based on account numbers and passwords. Through security configuration, request interception and authorization functions can be realized. Spring Security can do more than these.
fourth part
the fifth part
Part VI
Part VII
Finally, students who need to receive this second edition of the Spring Security OAuth2.0 authentication and authorization tutorial handwritten by Mr. Ma