Today’s article introduces Spring Cloud Gateway’s integration of OAuth2.0 to implement authentication and authorization. It involves a lot of knowledge points. If you are unclear, you can read Chen’s previous articles.
The article directory is as follows:
Microservice Authentication Scheme
There are currently many microservice authentication schemes, and each enterprise is also very different, but they are generally divided into two categories, as follows:
- The gateway is only responsible for forwarding requests, and the authentication and authentication are controlled by each microservice provider
- Authentication is unified at the gateway level, and microservices are only responsible for business
Which solution is your company currently using?
Let me talk about the first solution first, which has great disadvantages, as follows:
- Code coupling is serious, and each microservice must maintain a set of authentication authentication
- It is impossible to achieve unified authentication and authentication, and the development is too difficult
The second option is obviously the simpler one, with the following advantages:
- Unified authentication and authentication are achieved, and microservices only need to perform their respective duties and focus on their own business.
- Code coupling is low, which is convenient for subsequent expansion
Below, Chen will take the second solution as an example to integrate Spring Cloud Gateway + Spring Cloud Security to create a set of unified authentication cases.
Case Architecture
Before starting to code, let’s first talk about the general authentication process. The structure is as follows: </