Dante Cloud It is an enterprise-level microservice architecture and service capability development platform. The first version fully embracing Spring Authorization Server, a multi-tenant system developed based on the latest versions of Spring Authorization Server 0.4.0, Spring Boot 2.7.8, Spring Cloud 2021.0.5, Spring Cloud Alibaba 2021.0.4.0, Nacos 2.2.0, etc. Following the SpringBoot programming idea, it is highly modular and configurable.It has functions such as service discovery, configuration, circuit breaking, current limiting, downgrading, monitoring, multi-level caching, distributed transactions, and workflow
- Build a mature, complete, comprehensive, OAuth2.1-based microservice architecture solution with front-end and back-end separation.
- Designed and developed for enterprise-level applications and Internet applications, it not only takes into account the micro-service of traditional projects, but also meets the needs of Internet application development and construction, and rapid iteration.
- The platform architecture is built using various emerging technologies or mainstream technologies related to the microservice field and its surroundings, which is a sharp tool to help quickly cross the stage of architecture technology selection and research and exploration.
- The code is concise and standardized, and the structure is reasonable and clear. It is a typical and comprehensive case of new technology development and application, and helps developers learn and master emerging technologies.
why the name was changed to Dante Cloud
Dante Cloud (Dante), original project name Eurynome Cloud, Many friends have reported that the name is too long, difficult to read, and difficult to remember.Therefore after joining Dromara On the occasion of the open source community, the name was changed.
Dantethat is, Dante Alighieri (AD 1265-AD 1321), an Italian poet at the end of the 13th century, the founder of modern Italian, and one of the pioneering figures in the European Renaissance era. “Comedy”) is famous, and later a writer named Boccaccio named it sacred comedy.
He is considered the greatest poet of the Italian Renaissance in the Middle Ages, one of the most outstanding poets in the West, and one of the greatest writers. Engels commented: “The end of the feudal Middle Ages and the beginning of the modern capitalist era are marked by a great figure. This figure is the Italian Dante. He is the last poet of the Middle Ages. the first poet of
The name was changed to Dante Cloud, implying that this project will be like Engels’ evaluation of Dante. In the period of industry change, it can become a link between the past and the future, and help the transformation of enterprise information construction.
Since November 24, new versions such as Spring Boot 3.0 and Spring Cloud 2022.0.0 were released, and the entire Java community has also entered a new era of Java 17 and Spring Boot 3. Keeping up with the development of Java technology and the Spring community, more new features with better quality and better performance can serve the actual development work. Dante Cloud also upgrades and adapts synchronously. Spring Boot 3.0.2, Spring Cloud 2022.0.0, Spring Cloud Alibaba 2022.0.0.0-RC1, Spring Cloud Tencent 1.8.4-2022.0.0, Nacos 2.2.1-RC The new Dante Cloud 22.214.171.124 version.For attention, please move to the 3.0 branch
the content of this update
- 【major update】
- [升级] Spring Boot version upgrade to 2.7.8
- [重构] Restructure the module structure of the Athena project, simplify the multi-module structure of the project, delete redundant and exemplary structures, and make the purpose and meaning of each module more concise and clear
- 【other updates】
- [新增] For a certain type of interface whose permission verification is not strict, a new permission verification policy is added that only verifies whether it is authenticated or not, and does not verify authorization, so as to improve the flexibility of permission verification and reduce the workload of permission configuration maintenance.
- [新增] Permission verification policy configuration that only verifies whether it is authenticated or not, and does not verify authorization
- [修复] Fix the potential security problem that the permission cache data is lost and the interface request will skip the permission verification in extreme cases.
- [修复] Fix the io.netty.util.internal.OutOfDirectMemoryError problem after Spring Cloud Gateway runs for a long time.
- [优化] Set the default WebSocket connection address to permitAll permission, skip resource server detection, and the WebSocket module will perform permission verification independently.
- [优化] Based on the latest version of axios typescript definition, optimize the front-end @herodotus/core module axios core code to avoid type verification errors during compilation.
- 【Dependency update】
- [升级] Jetcache version upgrade to 2.7.3
- [升级] tencentcloud-sdk-java-sms version upgrade to 3.1.681
- [升级] Alipay-sdk-java version upgraded to 4.35.37.ALL
、Dante Cloud 2.7.X features
1. Front end
- It does not use any popular open source templates, uses a new technology stack, and completely “handwritten” a new front-end project.
- Drawing on the use and design of popular open source versions, the new front-end interface style and operating habits are as consistent as possible with the current popular methods.
- Make full use of Typescript language features, solve a large number of type verification problems, and avoid the “any” type of Typescript programming language usage as much as possible.
- Make full use of new features of the Vue3 framework such as Composition Api and Hooks for code writing.
- Make full use of Component, Hooks, and Typescript object-oriented features to extract common components and code, and reduce engineering duplication as much as possible.
- Encapsulate many Quasar basic components and application function components to facilitate unified modification, maintenance and development of the code.
- In the production mode, the in-depth performance optimization of Vite3-based project packaging is carried out.
- Provide containerized packaging and deployment of engineering production code in the docker-compose mode.
- Support password mode, authorization code mode, SMS mode, third-party socialization and other login modes.
Two, the back end
Spring Authorization Server Deep customization and extension:
Spring Authorization Serverand
Spring Data JPARealize the multi-tenant system architecture and support two modes of Database and Schema.
Spring Data JPA,rebuild
Spring Authorization ServerThe basic data storage code replaces the original JDBC data access method and breaks the
Spring Authorization ServerThe original data storage limitation has been extended to a method and design that is more in line with practical applications.
Spring Authorization Serverbased on the OAuth 2.1 specification, add custom
Resource Ownership Password(Password) authentication mode, to be compatible with existing OAuth 2-based applications with front-end and back-end separation, and support the use of Refresh Token.
Spring Authorization Serverbased on the OAuth 2.1 specification, add custom
Social Credentials(Social login) authentication mode, supports SMS verification code, WeChat applet, third-party application login based on JustAuth, and supports the use of Refresh Token.
Spring Authorization Serverdefault
Client Credentialsmode, implement
Client CredentialsThe mode supports the use of Refresh Token.
Spring Authorization Serverdefault
Client CredentialsMode, to realize the real verification of the interface by using the Scope authority.Increase the permission configuration function of client Scope and decouple it from the existing user permission system
Spring Authorization Server
Authorization Code PKCEauthentication mode
Spring Authorization ServerIn addition to the standard JWT Token encryption verification method, a JWT Token encryption verification method based on a custom certificate is added, which can be dynamically modified through configuration.
Support Opaque Token (opaque token) format and verification method, which will reduce the risk of JWT Token being captured and analyzed. You can set the default Token format to be Opaque Token or JWT Token by modifying configuration parameters.
Fully supports the OpenID Connect (OIDC) protocol, when the system is in use, the OIDC mode and the traditional OAuth2 mode can be quickly switched through the front-end switch configuration according to the usage requirements
Resource Ownership Password,
Social CredentialsSeveral modes fully integrate IdToken, Opaque Token, JWT Token and the existing permission system, and provide IdToken and custom Token extensions to transfer user information without secondary requests, reducing frequent requests for user information.
Spring Authorization ServerAuthorization code mode login authentication page and authorization confirmation page, authorization code mode login adopts encrypted data transmission. Multiple types of verification codes are supported, but behavioral verification codes are not supported for now.
- Based on JetCache’s multi-level cache support, realize customization
Spring Data JPAThe second-level cache effectively solves the Spring Cache query cache update problem.
- fully integrated
@PreAuthorizeAnnotation permissions and
URLPermissions are dynamically configured through the backend and do not need to be configured in code
Spring SecurityPermission annotations and permission methods can realize interface authentication and dynamic modification of permissions.Adopt a distributed authentication scheme to avoid the pressure of Gateway unified authentication and the problem of repeated authentication
- Adopt distributed service independent authentication scheme,
@PreAuthorizePermission annotations, permission methods, and
URLPermissions are dynamically distributed to corresponding services in real time after being dynamically configured through the backend.
UserDetailsCore Data supports direct database acquisition and
FeignThere are two modes of remote calling.
OAuth2The performance of the direct connection database mode is better,
FeignAccess to remote calls is more scalable. The policy mode can be dynamically modified through configuration.
- Based on the custom Session, mixed national secret SM2 (asymmetric) and SM4 (symmetric encryption) algorithms, the secret key is dynamically generated and encrypted for transmission. Utilize the “one person one code mechanism” to realize dynamic encrypted transmission of password mode login data.Cooperate
OAuth2 ClientVerify and protect the rationality and security of interface calls and front-end and back-end data transmission.
1. Community vision
Let every open source enthusiast experience the joy of open source.
2. Community official website
https://dromara.org is the official website of the Dromara open source community.
3. Member projects
#Dante #Cloud #released #Spring #Boot #version #upgraded #News Fast Delivery