diff --git a/address/src/main/java/com/alibaba/nacos/address/auth/AddressServerAuthManager.java b/address/src/main/java/com/alibaba/nacos/address/auth/AddressServerAuthManager.java
index fb7c08b9897..617cd232dab 100644
--- a/address/src/main/java/com/alibaba/nacos/address/auth/AddressServerAuthManager.java
+++ b/address/src/main/java/com/alibaba/nacos/address/auth/AddressServerAuthManager.java
@@ -16,10 +16,10 @@
package com.alibaba.nacos.address.auth;
-import com.alibaba.nacos.core.auth.AccessException;
-import com.alibaba.nacos.core.auth.AuthManager;
-import com.alibaba.nacos.core.auth.Permission;
-import com.alibaba.nacos.core.auth.User;
+import com.alibaba.nacos.auth.AuthManager;
+import com.alibaba.nacos.auth.exception.AccessException;
+import com.alibaba.nacos.auth.model.Permission;
+import com.alibaba.nacos.auth.model.User;
/**
* Address server auth manager.
diff --git a/address/src/main/java/com/alibaba/nacos/address/configuration/AddressServerSpringConfiguration.java b/address/src/main/java/com/alibaba/nacos/address/configuration/AddressServerSpringConfiguration.java
index bd822b1cee1..8c04df237f5 100644
--- a/address/src/main/java/com/alibaba/nacos/address/configuration/AddressServerSpringConfiguration.java
+++ b/address/src/main/java/com/alibaba/nacos/address/configuration/AddressServerSpringConfiguration.java
@@ -17,7 +17,7 @@
package com.alibaba.nacos.address.configuration;
import com.alibaba.nacos.address.auth.AddressServerAuthManager;
-import com.alibaba.nacos.core.auth.AuthManager;
+import com.alibaba.nacos.auth.AuthManager;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
diff --git a/auth/pom.xml b/auth/pom.xml
index 0653a75e7bc..b3339d0ed3e 100644
--- a/auth/pom.xml
+++ b/auth/pom.xml
@@ -36,7 +36,21 @@
+
+ ${project.groupId}
+ nacos-common
+
+
+
+ org.springframework.boot
+ spring-boot-starter
+ true
+
+
+ org.apache.tomcat.embed
+ tomcat-embed-core
+
diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/AuthManager.java b/auth/src/main/java/com/alibaba/nacos/auth/AuthManager.java
similarity index 88%
rename from core/src/main/java/com/alibaba/nacos/core/auth/AuthManager.java
rename to auth/src/main/java/com/alibaba/nacos/auth/AuthManager.java
index b1cfaeea8cd..0009e0569f0 100644
--- a/core/src/main/java/com/alibaba/nacos/core/auth/AuthManager.java
+++ b/auth/src/main/java/com/alibaba/nacos/auth/AuthManager.java
@@ -14,12 +14,17 @@
* limitations under the License.
*/
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth;
+
+import com.alibaba.nacos.auth.exception.AccessException;
+import com.alibaba.nacos.auth.model.Permission;
+import com.alibaba.nacos.auth.model.User;
/**
* Access control entry. Can be extended by 3rd party implementations.
*
* @author nkorange
+ * @author mai.jh
* @since 1.2.0
*/
public interface AuthManager {
diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/Secured.java b/auth/src/main/java/com/alibaba/nacos/auth/annotation/Secured.java
similarity index 86%
rename from core/src/main/java/com/alibaba/nacos/core/auth/Secured.java
rename to auth/src/main/java/com/alibaba/nacos/auth/annotation/Secured.java
index 2b129f05517..06e53bba8a1 100644
--- a/core/src/main/java/com/alibaba/nacos/core/auth/Secured.java
+++ b/auth/src/main/java/com/alibaba/nacos/auth/annotation/Secured.java
@@ -14,8 +14,11 @@
* limitations under the License.
*/
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.annotation;
+import com.alibaba.nacos.auth.common.ActionTypes;
+import com.alibaba.nacos.auth.parser.DefaultResourceParser;
+import com.alibaba.nacos.auth.parser.ResourceParser;
import org.apache.commons.lang3.StringUtils;
import java.lang.annotation.Retention;
@@ -25,6 +28,7 @@
* Annotation indicating that the annotated request should be authorized.
*
* @author nkorange
+ * @author mai.jh
* @since 1.2.0
*/
@Retention(RetentionPolicy.RUNTIME)
diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/ActionTypes.java b/auth/src/main/java/com/alibaba/nacos/auth/common/ActionTypes.java
similarity index 94%
rename from core/src/main/java/com/alibaba/nacos/core/auth/ActionTypes.java
rename to auth/src/main/java/com/alibaba/nacos/auth/common/ActionTypes.java
index 4cace580b17..77157b61fad 100644
--- a/core/src/main/java/com/alibaba/nacos/core/auth/ActionTypes.java
+++ b/auth/src/main/java/com/alibaba/nacos/auth/common/ActionTypes.java
@@ -14,12 +14,13 @@
* limitations under the License.
*/
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.common;
/**
* Resource action type definitions.
*
* @author nkorange
+ * @author mai.jh
* @since 1.2.0
*/
public enum ActionTypes {
diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/AuthConfigs.java b/auth/src/main/java/com/alibaba/nacos/auth/common/AuthConfigs.java
similarity index 80%
rename from core/src/main/java/com/alibaba/nacos/core/auth/AuthConfigs.java
rename to auth/src/main/java/com/alibaba/nacos/auth/common/AuthConfigs.java
index a8b92871269..44e94907b26 100644
--- a/core/src/main/java/com/alibaba/nacos/core/auth/AuthConfigs.java
+++ b/auth/src/main/java/com/alibaba/nacos/auth/common/AuthConfigs.java
@@ -14,18 +14,15 @@
* limitations under the License.
*/
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.common;
+import com.alibaba.nacos.auth.common.env.ReloadableConfigs;
import com.alibaba.nacos.common.JustForTest;
-import com.alibaba.nacos.core.env.ReloadableConfigs;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.web.servlet.FilterRegistrationBean;
-import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
-import org.springframework.stereotype.Component;
import java.util.Objects;
@@ -33,9 +30,9 @@
* Auth related configurations.
*
* @author nkorange
+ * @author mai.jh
* @since 1.2.0
*/
-@Component
@Configuration
public class AuthConfigs {
@@ -107,21 +104,4 @@ public boolean isCachingEnabled() {
public static void setCachingEnabled(boolean cachingEnabled) {
AuthConfigs.cachingEnabled = cachingEnabled;
}
-
- @Bean
- public FilterRegistrationBean authFilterRegistration() {
- FilterRegistrationBean registration = new FilterRegistrationBean<>();
- registration.setFilter(authFilter());
- registration.addUrlPatterns("/*");
- registration.setName("authFilter");
- registration.setOrder(6);
-
- return registration;
- }
-
- @Bean
- public AuthFilter authFilter() {
- return new AuthFilter();
- }
-
}
diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/AuthSystemTypes.java b/auth/src/main/java/com/alibaba/nacos/auth/common/AuthSystemTypes.java
similarity index 93%
rename from core/src/main/java/com/alibaba/nacos/core/auth/AuthSystemTypes.java
rename to auth/src/main/java/com/alibaba/nacos/auth/common/AuthSystemTypes.java
index 2517b5bbc94..dc45b50e33e 100644
--- a/core/src/main/java/com/alibaba/nacos/core/auth/AuthSystemTypes.java
+++ b/auth/src/main/java/com/alibaba/nacos/auth/common/AuthSystemTypes.java
@@ -14,12 +14,13 @@
* limitations under the License.
*/
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.common;
/**
* Types of all auth implementations.
*
* @author nkorange
+ * @author mai.jh
* @since 1.2.0
*/
public enum AuthSystemTypes {
diff --git a/core/src/main/java/com/alibaba/nacos/core/env/ReloadableConfigs.java b/auth/src/main/java/com/alibaba/nacos/auth/common/env/ReloadableConfigs.java
similarity index 97%
rename from core/src/main/java/com/alibaba/nacos/core/env/ReloadableConfigs.java
rename to auth/src/main/java/com/alibaba/nacos/auth/common/env/ReloadableConfigs.java
index 32d704a378b..6984ad52e7f 100644
--- a/core/src/main/java/com/alibaba/nacos/core/env/ReloadableConfigs.java
+++ b/auth/src/main/java/com/alibaba/nacos/auth/common/env/ReloadableConfigs.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package com.alibaba.nacos.core.env;
+package com.alibaba.nacos.auth.common.env;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Value;
@@ -31,6 +31,7 @@
* Reload application.properties.
*
* @author nkorange
+ * @author mai.jh
* @since 1.2.0
*/
@Component
diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/AccessException.java b/auth/src/main/java/com/alibaba/nacos/auth/exception/AccessException.java
similarity index 94%
rename from core/src/main/java/com/alibaba/nacos/core/auth/AccessException.java
rename to auth/src/main/java/com/alibaba/nacos/auth/exception/AccessException.java
index 50b5b581f36..e53574d7285 100644
--- a/core/src/main/java/com/alibaba/nacos/core/auth/AccessException.java
+++ b/auth/src/main/java/com/alibaba/nacos/auth/exception/AccessException.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.exception;
import com.alibaba.nacos.api.exception.NacosException;
@@ -22,6 +22,7 @@
* Exception to be thrown if authorization is failed.
*
* @author nkorange
+ * @author mai.jh
* @since 1.2.0
*/
public class AccessException extends NacosException {
diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/Permission.java b/auth/src/main/java/com/alibaba/nacos/auth/model/Permission.java
similarity index 96%
rename from core/src/main/java/com/alibaba/nacos/core/auth/Permission.java
rename to auth/src/main/java/com/alibaba/nacos/auth/model/Permission.java
index 9e3ca334707..cf30a5ecf97 100644
--- a/core/src/main/java/com/alibaba/nacos/core/auth/Permission.java
+++ b/auth/src/main/java/com/alibaba/nacos/auth/model/Permission.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.model;
import java.io.Serializable;
@@ -22,6 +22,7 @@
* Permission to auth.
*
* @author nkorange
+ * @author mai.jh
* @since 1.2.0
*/
public class Permission implements Serializable {
diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/Resource.java b/auth/src/main/java/com/alibaba/nacos/auth/model/Resource.java
similarity index 96%
rename from core/src/main/java/com/alibaba/nacos/core/auth/Resource.java
rename to auth/src/main/java/com/alibaba/nacos/auth/model/Resource.java
index 74a9bb5d95d..fa15feddf0e 100644
--- a/core/src/main/java/com/alibaba/nacos/core/auth/Resource.java
+++ b/auth/src/main/java/com/alibaba/nacos/auth/model/Resource.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.model;
import java.io.Serializable;
@@ -22,6 +22,7 @@
* Resource used in authorization.
*
* @author nkorange
+ * @author mai.jh
* @since 1.2.0
*/
public class Resource implements Serializable {
diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/User.java b/auth/src/main/java/com/alibaba/nacos/auth/model/User.java
similarity index 95%
rename from core/src/main/java/com/alibaba/nacos/core/auth/User.java
rename to auth/src/main/java/com/alibaba/nacos/auth/model/User.java
index 806cb8bee0a..0db4fd7ab2d 100644
--- a/core/src/main/java/com/alibaba/nacos/core/auth/User.java
+++ b/auth/src/main/java/com/alibaba/nacos/auth/model/User.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.model;
import java.io.Serializable;
@@ -22,6 +22,7 @@
* User information in authorization.
*
* @author nkorange
+ * @author mai.jh
* @since 1.2.0
*/
public class User implements Serializable {
diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/DefaultResourceParser.java b/auth/src/main/java/com/alibaba/nacos/auth/parser/DefaultResourceParser.java
similarity index 94%
rename from core/src/main/java/com/alibaba/nacos/core/auth/DefaultResourceParser.java
rename to auth/src/main/java/com/alibaba/nacos/auth/parser/DefaultResourceParser.java
index 86d36645ac6..dcc1699fa68 100644
--- a/core/src/main/java/com/alibaba/nacos/core/auth/DefaultResourceParser.java
+++ b/auth/src/main/java/com/alibaba/nacos/auth/parser/DefaultResourceParser.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.parser;
import org.apache.commons.lang3.StringUtils;
@@ -22,6 +22,7 @@
* Default resource parser.
*
* @author nkorange
+ * @author mai.jh
* @since 1.2.0
*/
public class DefaultResourceParser implements ResourceParser {
diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/ResourceParser.java b/auth/src/main/java/com/alibaba/nacos/auth/parser/ResourceParser.java
similarity index 94%
rename from core/src/main/java/com/alibaba/nacos/core/auth/ResourceParser.java
rename to auth/src/main/java/com/alibaba/nacos/auth/parser/ResourceParser.java
index b86a1e0894f..9902aa1ef19 100644
--- a/core/src/main/java/com/alibaba/nacos/core/auth/ResourceParser.java
+++ b/auth/src/main/java/com/alibaba/nacos/auth/parser/ResourceParser.java
@@ -14,12 +14,13 @@
* limitations under the License.
*/
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.parser;
/**
* Resource parser.
*
* @author nkorange
+ * @author mai.jh
* @since 1.2.0
*/
public interface ResourceParser {
diff --git a/config/src/main/java/com/alibaba/nacos/config/server/auth/ConfigResourceParser.java b/config/src/main/java/com/alibaba/nacos/config/server/auth/ConfigResourceParser.java
index 4bfc266ac2e..bf31875edfb 100644
--- a/config/src/main/java/com/alibaba/nacos/config/server/auth/ConfigResourceParser.java
+++ b/config/src/main/java/com/alibaba/nacos/config/server/auth/ConfigResourceParser.java
@@ -16,11 +16,10 @@
package com.alibaba.nacos.config.server.auth;
-import com.alibaba.nacos.core.auth.Resource;
-import com.alibaba.nacos.core.auth.ResourceParser;
-
import javax.servlet.http.HttpServletRequest;
+import com.alibaba.nacos.auth.model.Resource;
+import com.alibaba.nacos.auth.parser.ResourceParser;
import org.apache.commons.lang3.StringUtils;
/**
diff --git a/config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigController.java b/config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigController.java
index 812b93cab80..be8505eede6 100644
--- a/config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigController.java
+++ b/config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigController.java
@@ -17,6 +17,8 @@
package com.alibaba.nacos.config.server.controller;
import com.alibaba.nacos.api.exception.NacosException;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
import com.alibaba.nacos.common.model.RestResult;
import com.alibaba.nacos.common.utils.MapUtils;
import com.alibaba.nacos.config.server.auth.ConfigResourceParser;
@@ -43,8 +45,6 @@
import com.alibaba.nacos.config.server.utils.RequestUtil;
import com.alibaba.nacos.config.server.utils.TimeUtils;
import com.alibaba.nacos.config.server.utils.ZipUtils;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
import com.alibaba.nacos.core.utils.InetUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.time.DateFormatUtils;
diff --git a/config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigOpsController.java b/config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigOpsController.java
index cb7728c0606..54bf19c2323 100755
--- a/config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigOpsController.java
+++ b/config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigOpsController.java
@@ -16,6 +16,8 @@
package com.alibaba.nacos.config.server.controller;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
import com.alibaba.nacos.common.model.RestResult;
import com.alibaba.nacos.common.model.RestResultUtils;
import com.alibaba.nacos.common.utils.Objects;
@@ -29,8 +31,6 @@
import com.alibaba.nacos.config.server.service.repository.embedded.DatabaseOperate;
import com.alibaba.nacos.config.server.utils.LogUtil;
import com.alibaba.nacos.config.server.utils.PropertyUtil;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
import com.alibaba.nacos.core.utils.ApplicationUtils;
import com.alibaba.nacos.core.utils.WebUtils;
import org.apache.commons.lang3.StringUtils;
diff --git a/config/src/main/java/com/alibaba/nacos/config/server/utils/RequestUtil.java b/config/src/main/java/com/alibaba/nacos/config/server/utils/RequestUtil.java
index e6ca390f98f..834d4dcae23 100644
--- a/config/src/main/java/com/alibaba/nacos/config/server/utils/RequestUtil.java
+++ b/config/src/main/java/com/alibaba/nacos/config/server/utils/RequestUtil.java
@@ -16,7 +16,7 @@
package com.alibaba.nacos.config.server.utils;
-import com.alibaba.nacos.core.auth.User;
+import com.alibaba.nacos.auth.model.User;
import org.apache.commons.lang3.StringUtils;
import javax.servlet.http.HttpServletRequest;
diff --git a/console/src/main/java/com/alibaba/nacos/console/controller/NamespaceController.java b/console/src/main/java/com/alibaba/nacos/console/controller/NamespaceController.java
index efd441cabb8..d0ca0fe3e51 100644
--- a/console/src/main/java/com/alibaba/nacos/console/controller/NamespaceController.java
+++ b/console/src/main/java/com/alibaba/nacos/console/controller/NamespaceController.java
@@ -16,14 +16,14 @@
package com.alibaba.nacos.console.controller;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
import com.alibaba.nacos.common.model.RestResult;
import com.alibaba.nacos.config.server.model.TenantInfo;
import com.alibaba.nacos.config.server.service.repository.PersistService;
import com.alibaba.nacos.console.model.Namespace;
import com.alibaba.nacos.console.model.NamespaceAllInfo;
import com.alibaba.nacos.console.security.nacos.NacosAuthConfig;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.DeleteMapping;
diff --git a/console/src/main/java/com/alibaba/nacos/console/controller/PermissionController.java b/console/src/main/java/com/alibaba/nacos/console/controller/PermissionController.java
index 4730fa1be82..d808009f318 100644
--- a/console/src/main/java/com/alibaba/nacos/console/controller/PermissionController.java
+++ b/console/src/main/java/com/alibaba/nacos/console/controller/PermissionController.java
@@ -16,11 +16,11 @@
package com.alibaba.nacos.console.controller;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
import com.alibaba.nacos.common.model.RestResult;
import com.alibaba.nacos.console.security.nacos.NacosAuthConfig;
import com.alibaba.nacos.console.security.nacos.roles.NacosRoleServiceImpl;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.DeleteMapping;
diff --git a/console/src/main/java/com/alibaba/nacos/console/controller/RoleController.java b/console/src/main/java/com/alibaba/nacos/console/controller/RoleController.java
index f89e691b8a1..6592ed39fdf 100644
--- a/console/src/main/java/com/alibaba/nacos/console/controller/RoleController.java
+++ b/console/src/main/java/com/alibaba/nacos/console/controller/RoleController.java
@@ -16,11 +16,11 @@
package com.alibaba.nacos.console.controller;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
import com.alibaba.nacos.common.model.RestResult;
import com.alibaba.nacos.console.security.nacos.NacosAuthConfig;
import com.alibaba.nacos.console.security.nacos.roles.NacosRoleServiceImpl;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.DeleteMapping;
diff --git a/console/src/main/java/com/alibaba/nacos/console/controller/UserController.java b/console/src/main/java/com/alibaba/nacos/console/controller/UserController.java
index 13562dfa2f7..c9f391159b7 100644
--- a/console/src/main/java/com/alibaba/nacos/console/controller/UserController.java
+++ b/console/src/main/java/com/alibaba/nacos/console/controller/UserController.java
@@ -17,6 +17,11 @@
package com.alibaba.nacos.console.controller;
import com.alibaba.nacos.api.common.Constants;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
+import com.alibaba.nacos.auth.common.AuthConfigs;
+import com.alibaba.nacos.auth.common.AuthSystemTypes;
+import com.alibaba.nacos.auth.exception.AccessException;
import com.alibaba.nacos.common.model.RestResult;
import com.alibaba.nacos.common.utils.JacksonUtils;
import com.alibaba.nacos.config.server.auth.RoleInfo;
@@ -28,11 +33,6 @@
import com.alibaba.nacos.console.security.nacos.users.NacosUserDetailsServiceImpl;
import com.alibaba.nacos.console.utils.JwtTokenUtils;
import com.alibaba.nacos.console.utils.PasswordEncoderUtil;
-import com.alibaba.nacos.core.auth.AccessException;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.AuthConfigs;
-import com.alibaba.nacos.core.auth.AuthSystemTypes;
-import com.alibaba.nacos.core.auth.Secured;
import com.fasterxml.jackson.databind.node.ObjectNode;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
diff --git a/console/src/main/java/com/alibaba/nacos/console/exception/ConsoleExceptionHandler.java b/console/src/main/java/com/alibaba/nacos/console/exception/ConsoleExceptionHandler.java
index 7853593a795..d76080c45dc 100644
--- a/console/src/main/java/com/alibaba/nacos/console/exception/ConsoleExceptionHandler.java
+++ b/console/src/main/java/com/alibaba/nacos/console/exception/ConsoleExceptionHandler.java
@@ -16,8 +16,8 @@
package com.alibaba.nacos.console.exception;
+import com.alibaba.nacos.auth.exception.AccessException;
import com.alibaba.nacos.common.utils.ExceptionUtil;
-import com.alibaba.nacos.core.auth.AccessException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
diff --git a/console/src/main/java/com/alibaba/nacos/console/security/nacos/JwtTokenManager.java b/console/src/main/java/com/alibaba/nacos/console/security/nacos/JwtTokenManager.java
index 9d42a2a4cee..62eadc35ce7 100644
--- a/console/src/main/java/com/alibaba/nacos/console/security/nacos/JwtTokenManager.java
+++ b/console/src/main/java/com/alibaba/nacos/console/security/nacos/JwtTokenManager.java
@@ -16,7 +16,7 @@
package com.alibaba.nacos.console.security.nacos;
-import com.alibaba.nacos.core.auth.AuthConfigs;
+import com.alibaba.nacos.auth.common.AuthConfigs;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
diff --git a/console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthConfig.java b/console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthConfig.java
index 7956420b974..b06826baed5 100644
--- a/console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthConfig.java
+++ b/console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthConfig.java
@@ -16,10 +16,10 @@
package com.alibaba.nacos.console.security.nacos;
+import com.alibaba.nacos.auth.common.AuthConfigs;
+import com.alibaba.nacos.auth.common.AuthSystemTypes;
import com.alibaba.nacos.console.filter.JwtAuthenticationTokenFilter;
import com.alibaba.nacos.console.security.nacos.users.NacosUserDetailsServiceImpl;
-import com.alibaba.nacos.core.auth.AuthConfigs;
-import com.alibaba.nacos.core.auth.AuthSystemTypes;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
diff --git a/console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthManager.java b/console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthManager.java
index c35fcc8611c..8a7b80db038 100644
--- a/console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthManager.java
+++ b/console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthManager.java
@@ -17,14 +17,14 @@
package com.alibaba.nacos.console.security.nacos;
import com.alibaba.nacos.api.common.Constants;
+import com.alibaba.nacos.auth.AuthManager;
+import com.alibaba.nacos.auth.exception.AccessException;
+import com.alibaba.nacos.auth.model.Permission;
+import com.alibaba.nacos.auth.model.User;
import com.alibaba.nacos.config.server.auth.RoleInfo;
import com.alibaba.nacos.config.server.utils.RequestUtil;
import com.alibaba.nacos.console.security.nacos.roles.NacosRoleServiceImpl;
import com.alibaba.nacos.console.security.nacos.users.NacosUser;
-import com.alibaba.nacos.core.auth.AccessException;
-import com.alibaba.nacos.core.auth.AuthManager;
-import com.alibaba.nacos.core.auth.Permission;
-import com.alibaba.nacos.core.auth.User;
import com.alibaba.nacos.core.utils.Loggers;
import io.jsonwebtoken.ExpiredJwtException;
import org.apache.commons.lang3.StringUtils;
diff --git a/console/src/main/java/com/alibaba/nacos/console/security/nacos/roles/NacosRoleServiceImpl.java b/console/src/main/java/com/alibaba/nacos/console/security/nacos/roles/NacosRoleServiceImpl.java
index 2b64fcb9203..d2aff9036e0 100644
--- a/console/src/main/java/com/alibaba/nacos/console/security/nacos/roles/NacosRoleServiceImpl.java
+++ b/console/src/main/java/com/alibaba/nacos/console/security/nacos/roles/NacosRoleServiceImpl.java
@@ -16,6 +16,8 @@
package com.alibaba.nacos.console.security.nacos.roles;
+import com.alibaba.nacos.auth.common.AuthConfigs;
+import com.alibaba.nacos.auth.model.Permission;
import com.alibaba.nacos.config.server.auth.PermissionInfo;
import com.alibaba.nacos.config.server.auth.PermissionPersistService;
import com.alibaba.nacos.config.server.auth.RoleInfo;
@@ -23,8 +25,6 @@
import com.alibaba.nacos.config.server.model.Page;
import com.alibaba.nacos.console.security.nacos.NacosAuthConfig;
import com.alibaba.nacos.console.security.nacos.users.NacosUserDetailsServiceImpl;
-import com.alibaba.nacos.core.auth.AuthConfigs;
-import com.alibaba.nacos.core.auth.Permission;
import com.alibaba.nacos.core.utils.Loggers;
import io.jsonwebtoken.lang.Collections;
import org.apache.commons.lang3.StringUtils;
diff --git a/console/src/main/java/com/alibaba/nacos/console/security/nacos/users/NacosUser.java b/console/src/main/java/com/alibaba/nacos/console/security/nacos/users/NacosUser.java
index d0aaf196b33..8113ae94811 100644
--- a/console/src/main/java/com/alibaba/nacos/console/security/nacos/users/NacosUser.java
+++ b/console/src/main/java/com/alibaba/nacos/console/security/nacos/users/NacosUser.java
@@ -16,7 +16,7 @@
package com.alibaba.nacos.console.security.nacos.users;
-import com.alibaba.nacos.core.auth.User;
+import com.alibaba.nacos.auth.model.User;
/**
* Nacos User.
diff --git a/console/src/main/java/com/alibaba/nacos/console/security/nacos/users/NacosUserDetailsServiceImpl.java b/console/src/main/java/com/alibaba/nacos/console/security/nacos/users/NacosUserDetailsServiceImpl.java
index b899feff603..3f8457d24cd 100644
--- a/console/src/main/java/com/alibaba/nacos/console/security/nacos/users/NacosUserDetailsServiceImpl.java
+++ b/console/src/main/java/com/alibaba/nacos/console/security/nacos/users/NacosUserDetailsServiceImpl.java
@@ -16,10 +16,10 @@
package com.alibaba.nacos.console.security.nacos.users;
+import com.alibaba.nacos.auth.common.AuthConfigs;
import com.alibaba.nacos.config.server.auth.UserPersistService;
import com.alibaba.nacos.config.server.model.Page;
import com.alibaba.nacos.config.server.model.User;
-import com.alibaba.nacos.core.auth.AuthConfigs;
import com.alibaba.nacos.core.utils.Loggers;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.scheduling.annotation.Scheduled;
diff --git a/console/src/test/java/com/alibaba/nacos/console/controller/UserControllerTest.java b/console/src/test/java/com/alibaba/nacos/console/controller/UserControllerTest.java
index 0588372b272..9b3fe8dd62b 100644
--- a/console/src/test/java/com/alibaba/nacos/console/controller/UserControllerTest.java
+++ b/console/src/test/java/com/alibaba/nacos/console/controller/UserControllerTest.java
@@ -16,11 +16,11 @@
package com.alibaba.nacos.console.controller;
+import com.alibaba.nacos.auth.common.AuthConfigs;
+import com.alibaba.nacos.auth.common.AuthSystemTypes;
+import com.alibaba.nacos.auth.exception.AccessException;
import com.alibaba.nacos.console.security.nacos.NacosAuthManager;
import com.alibaba.nacos.console.security.nacos.users.NacosUser;
-import com.alibaba.nacos.core.auth.AccessException;
-import com.alibaba.nacos.core.auth.AuthConfigs;
-import com.alibaba.nacos.core.auth.AuthSystemTypes;
import com.fasterxml.jackson.databind.JsonNode;
import org.junit.Before;
import org.junit.Test;
diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/AuthConfig.java b/core/src/main/java/com/alibaba/nacos/core/auth/AuthConfig.java
new file mode 100644
index 00000000000..daf85f7e608
--- /dev/null
+++ b/core/src/main/java/com/alibaba/nacos/core/auth/AuthConfig.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright 1999-2018 Alibaba Group Holding Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.alibaba.nacos.core.auth;
+
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * auth filter config.
+ *
+ * @author mai.jh
+ */
+@Configuration
+public class AuthConfig {
+
+ @Bean
+ public FilterRegistrationBean authFilterRegistration() {
+ FilterRegistrationBean registration = new FilterRegistrationBean<>();
+ registration.setFilter(authFilter());
+ registration.addUrlPatterns("/*");
+ registration.setName("authFilter");
+ registration.setOrder(6);
+
+ return registration;
+ }
+
+ @Bean
+ public AuthFilter authFilter() {
+ return new AuthFilter();
+ }
+}
diff --git a/core/src/main/java/com/alibaba/nacos/core/auth/AuthFilter.java b/core/src/main/java/com/alibaba/nacos/core/auth/AuthFilter.java
index 0cf41dcff71..95fc13a194c 100644
--- a/core/src/main/java/com/alibaba/nacos/core/auth/AuthFilter.java
+++ b/core/src/main/java/com/alibaba/nacos/core/auth/AuthFilter.java
@@ -16,6 +16,12 @@
package com.alibaba.nacos.core.auth;
+import com.alibaba.nacos.auth.AuthManager;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.AuthConfigs;
+import com.alibaba.nacos.auth.exception.AccessException;
+import com.alibaba.nacos.auth.model.Permission;
+import com.alibaba.nacos.auth.parser.ResourceParser;
import com.alibaba.nacos.common.utils.ExceptionUtil;
import com.alibaba.nacos.core.code.ControllerMethodsCache;
import com.alibaba.nacos.core.utils.Constants;
diff --git a/naming/src/main/java/com/alibaba/nacos/naming/controllers/CatalogController.java b/naming/src/main/java/com/alibaba/nacos/naming/controllers/CatalogController.java
index 966b0c00f90..ce0992e8fde 100644
--- a/naming/src/main/java/com/alibaba/nacos/naming/controllers/CatalogController.java
+++ b/naming/src/main/java/com/alibaba/nacos/naming/controllers/CatalogController.java
@@ -21,9 +21,9 @@
import com.alibaba.nacos.api.naming.CommonParams;
import com.alibaba.nacos.api.naming.pojo.Cluster;
import com.alibaba.nacos.api.naming.utils.NamingUtils;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
import com.alibaba.nacos.common.utils.JacksonUtils;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
import com.alibaba.nacos.core.utils.WebUtils;
import com.alibaba.nacos.naming.core.Instance;
import com.alibaba.nacos.naming.core.Service;
diff --git a/naming/src/main/java/com/alibaba/nacos/naming/controllers/ClusterController.java b/naming/src/main/java/com/alibaba/nacos/naming/controllers/ClusterController.java
index d3d75fe0ba6..3d1e94890f6 100644
--- a/naming/src/main/java/com/alibaba/nacos/naming/controllers/ClusterController.java
+++ b/naming/src/main/java/com/alibaba/nacos/naming/controllers/ClusterController.java
@@ -21,8 +21,8 @@
import com.alibaba.nacos.api.naming.CommonParams;
import com.alibaba.nacos.api.naming.pojo.healthcheck.AbstractHealthChecker;
import com.alibaba.nacos.api.naming.pojo.healthcheck.HealthCheckerFactory;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
import com.alibaba.nacos.core.utils.WebUtils;
import com.alibaba.nacos.naming.core.Cluster;
import com.alibaba.nacos.naming.core.Service;
diff --git a/naming/src/main/java/com/alibaba/nacos/naming/controllers/HealthController.java b/naming/src/main/java/com/alibaba/nacos/naming/controllers/HealthController.java
index 428e1d61a72..85957f5f4c7 100644
--- a/naming/src/main/java/com/alibaba/nacos/naming/controllers/HealthController.java
+++ b/naming/src/main/java/com/alibaba/nacos/naming/controllers/HealthController.java
@@ -19,9 +19,9 @@
import com.alibaba.nacos.api.common.Constants;
import com.alibaba.nacos.api.naming.CommonParams;
import com.alibaba.nacos.api.naming.pojo.healthcheck.AbstractHealthChecker;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
import com.alibaba.nacos.common.utils.JacksonUtils;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
import com.alibaba.nacos.core.utils.ApplicationUtils;
import com.alibaba.nacos.core.utils.WebUtils;
import com.alibaba.nacos.naming.core.Instance;
diff --git a/naming/src/main/java/com/alibaba/nacos/naming/controllers/InstanceController.java b/naming/src/main/java/com/alibaba/nacos/naming/controllers/InstanceController.java
index 403ff6ec9fa..6e43835d130 100644
--- a/naming/src/main/java/com/alibaba/nacos/naming/controllers/InstanceController.java
+++ b/naming/src/main/java/com/alibaba/nacos/naming/controllers/InstanceController.java
@@ -22,9 +22,9 @@
import com.alibaba.nacos.api.naming.NamingResponseCode;
import com.alibaba.nacos.api.naming.PreservedMetadataKeys;
import com.alibaba.nacos.api.naming.utils.NamingUtils;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
import com.alibaba.nacos.common.utils.JacksonUtils;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
import com.alibaba.nacos.core.utils.WebUtils;
import com.alibaba.nacos.naming.core.Instance;
import com.alibaba.nacos.naming.core.Service;
diff --git a/naming/src/main/java/com/alibaba/nacos/naming/controllers/OperatorController.java b/naming/src/main/java/com/alibaba/nacos/naming/controllers/OperatorController.java
index 30de8d2df5b..f0500924ccc 100644
--- a/naming/src/main/java/com/alibaba/nacos/naming/controllers/OperatorController.java
+++ b/naming/src/main/java/com/alibaba/nacos/naming/controllers/OperatorController.java
@@ -17,9 +17,9 @@
package com.alibaba.nacos.naming.controllers;
import com.alibaba.nacos.api.common.Constants;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
import com.alibaba.nacos.common.utils.JacksonUtils;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
import com.alibaba.nacos.core.cluster.Member;
import com.alibaba.nacos.core.cluster.NodeState;
import com.alibaba.nacos.core.cluster.ServerMemberManager;
diff --git a/naming/src/main/java/com/alibaba/nacos/naming/controllers/ServiceController.java b/naming/src/main/java/com/alibaba/nacos/naming/controllers/ServiceController.java
index f5265c7c7d3..a0b72c67dd3 100644
--- a/naming/src/main/java/com/alibaba/nacos/naming/controllers/ServiceController.java
+++ b/naming/src/main/java/com/alibaba/nacos/naming/controllers/ServiceController.java
@@ -21,10 +21,10 @@
import com.alibaba.nacos.api.naming.CommonParams;
import com.alibaba.nacos.api.naming.utils.NamingUtils;
import com.alibaba.nacos.api.selector.SelectorType;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
import com.alibaba.nacos.common.utils.IoUtils;
import com.alibaba.nacos.common.utils.JacksonUtils;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
import com.alibaba.nacos.core.cluster.ServerMemberManager;
import com.alibaba.nacos.core.utils.WebUtils;
import com.alibaba.nacos.naming.core.Cluster;
diff --git a/naming/src/main/java/com/alibaba/nacos/naming/web/NamingResourceParser.java b/naming/src/main/java/com/alibaba/nacos/naming/web/NamingResourceParser.java
index 773a1df5390..8024a215ecf 100644
--- a/naming/src/main/java/com/alibaba/nacos/naming/web/NamingResourceParser.java
+++ b/naming/src/main/java/com/alibaba/nacos/naming/web/NamingResourceParser.java
@@ -18,8 +18,8 @@
import com.alibaba.nacos.api.naming.CommonParams;
import com.alibaba.nacos.api.naming.utils.NamingUtils;
-import com.alibaba.nacos.core.auth.Resource;
-import com.alibaba.nacos.core.auth.ResourceParser;
+import com.alibaba.nacos.auth.model.Resource;
+import com.alibaba.nacos.auth.parser.ResourceParser;
import org.apache.commons.lang3.StringUtils;
import javax.servlet.http.HttpServletRequest;
diff --git a/test/src/test/java/com/alibaba/nacos/test/core/auth/AuthBase.java b/test/src/test/java/com/alibaba/nacos/test/core/auth/AuthBase.java
index 306007880c5..33a088039c2 100644
--- a/test/src/test/java/com/alibaba/nacos/test/core/auth/AuthBase.java
+++ b/test/src/test/java/com/alibaba/nacos/test/core/auth/AuthBase.java
@@ -16,8 +16,8 @@
package com.alibaba.nacos.test.core.auth;
import com.alibaba.nacos.api.PropertyKeyConst;
+import com.alibaba.nacos.auth.common.AuthConfigs;
import com.alibaba.nacos.common.utils.JacksonUtils;
-import com.alibaba.nacos.core.auth.AuthConfigs;
import com.alibaba.nacos.test.base.HttpClient4Test;
import com.alibaba.nacos.test.base.Params;
import com.fasterxml.jackson.databind.JsonNode;
diff --git a/test/src/test/java/com/alibaba/nacos/test/core/auth/Permission_ITCase.java b/test/src/test/java/com/alibaba/nacos/test/core/auth/Permission_ITCase.java
index 61c343db7f0..dbad58fe20a 100644
--- a/test/src/test/java/com/alibaba/nacos/test/core/auth/Permission_ITCase.java
+++ b/test/src/test/java/com/alibaba/nacos/test/core/auth/Permission_ITCase.java
@@ -16,9 +16,9 @@
package com.alibaba.nacos.test.core.auth;
import com.alibaba.nacos.Nacos;
+import com.alibaba.nacos.auth.model.Permission;
import com.alibaba.nacos.common.utils.JacksonUtils;
import com.alibaba.nacos.config.server.model.Page;
-import com.alibaba.nacos.core.auth.Permission;
import com.alibaba.nacos.test.base.HttpClient4Test;
import com.alibaba.nacos.test.base.Params;
import com.fasterxml.jackson.core.type.TypeReference;