效果展示
客户端
maven引用
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.0.0.RELEASE</version>
</parent>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-client</artifactId>
<version>2.0.0</version>
</dependency>
配置文件
management:
endpoints:
web:
exposure:
include: '*'
endpoint:
health:
show-details: always
安全保护
public class ActuatorAuthFilter implements Filter, Ordered {
private AuthService authService = SpringBootBeanUtil.getBean(AuthService.class);
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
boolean authPass = false;
HttpServletRequest req = (HttpServletRequest) request;
String system = req.getHeader("system");
String token = req.getHeader("token");
if ( !StringUtil.isEmpty(system) && !StringUtil.isEmpty(token)) {
if(system.equals("haopanwatch") && token.equals("7e447e5d38d323b847edf2b4895eb242")){
authPass = true;
}
}
if (authPass) {
chain.doFilter(request, response);
} else {
Result result = Result.errorResult().setMsg("NoAuthAccess").setCode(SystemErrorCodeEnum.ErrorCode.TokenAuthError.get_value());
response.getWriter().println(JSON.toJSON(result));
}
}
@Override
public void destroy() {
}
@Override
public int getOrder() {
return 11;
}
}
管理端
maven引用
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.2.0.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-server</artifactId>
<version>2.2.0</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jetty</artifactId>
</dependency>
</dependencies>
配置文件
server.port=9550
spring.application.name=springboot-admin-server
#配置一个账号和密码
spring.security.user.name=admin
spring.security.user.password=abcd@1234
启动注解
@SpringBootApplication
@EnableAdminServer
public class HaopanWatchApplication {
public static void main(String[] args) {
SpringApplication.run(HaopanWatchApplication.class, args);
}
@Bean
public ApplicationRunner applicationRunner() {
return applicationArguments -> {
System.out.println("haopanwatch启动成功!");
};
}
}
安全保护
@Configuration
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
//项目应用路径
private final String adminContextPath;
public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
this.adminContextPath = adminServerProperties.getContextPath();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(adminContextPath + "/");
http.authorizeRequests()
//无需登录即可访问
.antMatchers(adminContextPath + "/assets/**").permitAll()
.antMatchers(adminContextPath + "/login").permitAll()
.anyRequest().authenticated()
.and()
//登录和登出路径
.formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
.logout().logoutUrl(adminContextPath + "/logout").and()
//开启http basic支持,admin-client注册时需要使用
.httpBasic().and()
.csrf()
//开启基于cookie的csrf保护
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
//忽略这些路径的csrf保护以便admin-client注册
.ignoringAntMatchers(
adminContextPath + "/instances",
adminContextPath + "/actuator/**"
);
}
}
客户端认证
@Component
public class HttpHeadersProviderConfig implements HttpHeadersProvider {
@Override
public HttpHeaders getHeaders(Instance instance) {
HttpHeaders httpHeaders = new HttpHeaders();
//设置约定好的请求头参数
httpHeaders.add("token", "7e447e5d38d323b847edf2b4895eb242");
httpHeaders.add("system", "haopanwatch");
return httpHeaders;
}
}