Spring Boot Admin 授权配置

Admin 服务端配置

添加 POM 引用 

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
    <groupId>de.codecentric</groupId>
    <artifactId>spring-boot-admin-starter-server</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

配置  yml 

spring:
#  profiles:
#  active: dev
  resources:
    static-locations: classpath:/META-INF/resources/,classpath:/resources/,classpath:/static/,classpath:/public/
  security:
    user:
      name: vipsoft
      password: VipSoftOps

添加配置类

import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

/**
 * 授权配置类
 * @author Jimmy
 */
@Configuration
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {

    private final String adminContextPath;

    public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
        this.adminContextPath = adminServerProperties.getContextPath();
    }


    @Override
    protected void configure(HttpSecurity http) throws Exception {
        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setTargetUrlParameter("redirectTo");
        successHandler.setDefaultTargetUrl(adminContextPath + "/");
        http.authorizeRequests()
                //1.配置所有静态资源和登录页可以公开访问
                .antMatchers(adminContextPath + "/assets/**").permitAll()
                .antMatchers(adminContextPath + "/login").permitAll()
                .anyRequest().authenticated()
                .and()
                //2.配置登录和登出路径
                .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
                .logout().logoutUrl(adminContextPath + "/logout").and()
                //3.开启http basic支持,admin-client注册时需要使用
                .httpBasic().and()
                .csrf()
                //4.开启基于cookie的csrf保护
                .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
                //5.忽略这些路径的csrf保护以便admin-client注册
                .ignoringAntMatchers(
                        adminContextPath + "/instances",
                        adminContextPath + "/actuator/**"
                );
    }

}

运行Admin 后,出现登录框

 

Client 配置

spring:
  boot:
    admin:
      client:
        url: http://192.168.3.95:22589   #这里配置admin server 的地址
        username: vipsoft     #boot admin 中配置的用户名
        password: VipSoftOps  #boot admin 中配置的密码
        instance:
          name: VipSoft His Api Dev
          service-url: http://192.168.0.66:22586 # 对于IP 映射或 Docker 很方便
          prefer-ip: true #true 注册时 admin 中显示IP地址不显示主机名

 运行命令

title VipSoft Admin 22589
java -jar vipsoft-boot-admin-1.0.0.jar --server.port=22589 --spring.security.user.name=vipsoft --spring.security.user.password=VipSoftOps

 

posted @ 2021-10-12 09:03  VipSoft  阅读(723)  评论(0编辑  收藏  举报