@EnableResourceServer @EnableAuthorizationServer是否已弃用?

时间:2019-12-19 08:00:31

标签: spring-security spring-security-oauth2

我正在编写一个简单的应用程序来测试Oauth。但是我看到两个注释@EnableResourceServer @EnableAuthorizationServer均已弃用!

我找不到其他处理方式,也找不到任何信息。

配置资源服务器和身份验证服务器的最新方法是什么?

谢谢!

2 个答案:

答案 0 :(得分:3)

如先前的评论所述,此内容最初已被删除,但最近已恢复为https://github.com/spring-projects-experimental/spring-authorization-server

请参阅新闻here

答案 1 :(得分:0)

来自

https://spring.io/blog/2019/11/14/spring-security-oauth-2-0-roadmap-update

In 2019, there are plenty of both commercial and open-source authorization servers available. Thus, the Spring Security team has decided to no longer provide support for authorization servers.

UPDATE: We’d like to thank everyone for your feedback on the decision to not support Authorization Server. Due to this feedback and some internal discussions, we are taking another look at this decision. We’ll notify the community on any progress.

基本上是对auth服务器的Spring drop支持,因为已经有很多良好的服务在起作用,不需要您重新发明。但是他们正在重新考虑它,我想这是为sprig框架提供更多的范围