|
|
|
@ -3193,6 +3193,17 @@ In other words, the two configurations in the following example use the Google p |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[[boot-features-security-oauth2-server]] |
|
|
|
|
|
|
|
==== Server |
|
|
|
|
|
|
|
Currently, Spring Security does not provide support for implementing an OAuth 2.0 |
|
|
|
|
|
|
|
Authorization Server or Resource Server. However, this functionality is available from |
|
|
|
|
|
|
|
the https://projects.spring.io/spring-security-oauth/[Spring Security OAuth] project, |
|
|
|
|
|
|
|
which will eventually be superseded by Spring Security completely. Until then, you can |
|
|
|
|
|
|
|
use the `spring-security-oauth2-autoconfigure` module to easily set up an OAuth 2.0 server; |
|
|
|
|
|
|
|
see its https://docs.spring.io/spring-security-oauth2-boot[documentation] for instructions. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[[boot-features-security-actuator]] |
|
|
|
[[boot-features-security-actuator]] |
|
|
|
=== Actuator Security |
|
|
|
=== Actuator Security |
|
|
|
For security purposes, all actuators other than `/health` and `/info` are disabled by |
|
|
|
For security purposes, all actuators other than `/health` and `/info` are disabled by |
|
|
|
|
Stephane Nicoll
8 years ago