|
|
@ -3193,6 +3193,17 @@ In other words, the two configurations in the following example use the Google p
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[[boot-features-security-oauth2-server]]
|
|
|
|
|
|
|
|
==== Server
|
|
|
|
|
|
|
|
Currently, Spring Security does not provide support for implementing an OAuth 2.0
|
|
|
|
|
|
|
|
Authorization Server or Resource Server. However, this functionality is available from
|
|
|
|
|
|
|
|
the https://projects.spring.io/spring-security-oauth/[Spring Security OAuth] project,
|
|
|
|
|
|
|
|
which will eventually be superseded by Spring Security completely. Until then, you can
|
|
|
|
|
|
|
|
use the `spring-security-oauth2-autoconfigure` module to easily set up an OAuth 2.0 server;
|
|
|
|
|
|
|
|
see its https://docs.spring.io/spring-security-oauth2-boot[documentation] for instructions.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[[boot-features-security-actuator]]
|
|
|
|
[[boot-features-security-actuator]]
|
|
|
|
=== Actuator Security
|
|
|
|
=== Actuator Security
|
|
|
|
For security purposes, all actuators other than `/health` and `/info` are disabled by
|
|
|
|
For security purposes, all actuators other than `/health` and `/info` are disabled by
|
|
|
|