BestHub
Sign in
Backend Development 4 min read

How to Implement SSO Login with Spring Security and Vue: Step‑by‑Step Guide

This article walks through the complete SSO login flow—from the browser request to the SSO server, code exchange, token generation, and front‑end redirection—while detailing front‑end and back‑end code modifications needed for password‑less authentication.

Java Architecture Diary
Java Architecture Diary
Java Architecture Diary
How to Implement SSO Login with Spring Security and Vue: Step‑by‑Step Guide

Effect Demonstration

Login Process Explanation

Browser visits sso-server and specifies the callback URL of the business system front‑end.

http://localhost:3000/oauth/authorize?response_type=code&scope=server&client_id=ruoyi&state=ruoyi&redirect_uri=xx

Login on sso-server loginPage using the authentication center's account database.

Submit login form to sso-server.

After successful form login, sso-server redirects to the front‑end address specified in step 1.

Front‑end receives code and calls the business system back‑end to exchange the code for login.

Back‑end returns a token to the front‑end, which then redirects to index.

Core Refactoring Points

Front‑end takes over part of the server work: obtain the SSO callback code and actively request the back‑end login API.

export default {
    name: 'sso',
    created() {
      Cookies.remove('Admin-Token')
      const url = window.location.href.replace('#/authredirect', '')
      this.loginForm.ssoCode = getQueryString(url, 'code')
      this.$store.dispatch("Login", ssoCode)
        .then(() => {this.$router.push({path: "/"});})
    }
}

Back‑end adds an interface to exchange the code for its own system token, calling the sso‑server API to verify the user, similar to WeChat or other third‑party flows.

public String loginBySso(String ssoCode) {
    // exchange code for sso token & username
    String json = getAccessToken(ssoCode);
    String username = JSONObject.parseObject(json).getString("username");
    // user authentication
    Authentication authentication;
    try {
        authentication = authenticationManager
                .authenticate(new UsernamePasswordAuthenticationToken(username, "SSO"));
    } catch (Exception e) {
        throw new CustomException(e.getMessage());
    }
    AsyncManager.me().execute(AsyncFactory.recordLogininfor(username.toString(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
    LoginUser loginUser = (LoginUser) authentication.getPrincipal();
    // generate token
    return tokenService.createToken(loginUser);
}

Refactor the existing business system (Spring Security) for password‑less login.

public class SsoBCryptPasswordEncoder extends BCryptPasswordEncoder {
    @Override
    public boolean matches(CharSequence rawPassword, String encodedPassword) {
        // treat raw password "SSO" as a special flag
        if ("SSO".equals(rawPassword.toString())) {
            return true;
        }
        return super.matches(rawPassword, encodedPassword);
    }
}

Related Source Code

Business system demo: https://gitee.com/pig4cloud/RuoYi-Vue

Server sso-server: https://gitee.com/log4j/pig

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

VueOAuth2TokenSSOspring-securityLogin Flow
Java Architecture Diary
Written by

Java Architecture Diary

Committed to sharing original, high‑quality technical articles; no fluff or promotional content.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment