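I am setting up a Docker instance of Spring Cloud Dataflow server 2.0.0.M1 and trying to create streams from a Spring Boot app using the Java DSL. Without security enabled, nothing works properly, but I cannot find documentation on how to enable the client credentials grant on the Spring Cloud Dataflow server.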
Docker-compose.yml
dataflow-server:
  image: springcloud/spring-cloud-dataflow-server:2.0.0.M1
  volumes:
    - ~/.m2:/root/.m2
  container_name: dataflow-server
  ports:
    - "9393:9393"
  environment:
    - spring.datasource.url=jdbc:mysql://mysql:3306/dataflow
    - spring.datasource.username=YYYY
    - spring.datasource.password=XXXX
    - spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
    - spring.cloud.dataflow.applicationProperties.stream.spring.rabbitmq.host=rabbitmq
    - spring.cloud.skipper.client.serverUri=http://skipper-server:7577/api
    - spring.main.allow-bean-definition-overriding=true
    - security.oauth2.client.client-id=1fcb6bhh89slo0r39hreq3CSAD
    - security.oauth2.client.client-secret=XXX
    #- security.oauth2.client.scope=http://localhost:9393/login
    - security.oauth2.client.grant-type=client_credentials
    - security.oauth2.client.access-token-uri=https://data-server.auth.us-east-2.amazoncognito.com/oauth2/token
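With this configuration, I expect to be able to protect the Dataflow server's internal API via OAuth2 using client credentials.
However, running the server with this configuration results in the following error: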
dataflow-server | ***************************
dataflow-server | APPLICATION FAILED TO START
dataflow-server | ***************************
dataflow-server |
dataflow-server | Description:
dataflow-server |
dataflow-server | Field authorizationCodeResourceDetails in org.springframework.cloud.common.security.OAuthSecurityConfiguration required a bean of type 'org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails' that could not be found.
dataflow-server |
dataflow-server | The injection point has the following annotations:
dataflow-server | - @org.springframework.beans.factory.annotation.Value(value=#{@autowiredWebSecurityConfigurersIgnoreParents.getWebSecurityConfigurers()})
dataflow-server |
dataflow-server |
dataflow-server | Action:
dataflow-server |
dataflow-server | Consider defining a bean of type 'org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails' in your configuration.
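As far as I can see, an authorizationCodeResourceDetails bean is required, but this bean is only needed for the authorization code grant. Has anyone been able to secure the rest endpoints of the Spring Cloud Dataflow server with the client credentials grant?
Note: I just want to get the Java DSL working. I don't need to run the server UI or the shell.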