Springboot: Springboot + spring boot admin 監控 spring security許可權控制
阿新 • • 發佈:2018-12-10
Springboot admin 很好的提供了對Springboot的監控,但是不建議直接將admin整合到已有的專案中。於是我另起一個專案,考慮到不能讓所有人都能看到這些資料了,於是引入了spring security。
本次使用的是spring-boot-admin-server:2.0.3
server 和 clent 的關係,client通過http註冊到server中,當然也可以使用服務註冊發現Spring Cloud(Eureka、Consul等等)註冊到admin server中進行展示
一、springboot admin 服務端
建立一個Springboot工程
新增依賴,
<properties> ... <spring-boot-admin.version>2.0.3</spring-boot-admin.version> </properties> <!-- https://mvnrepository.com/artifact/de.codecentric/spring-boot-admin-server --> <dependency> <groupId>de.codecentric</groupId> <artifactId>spring-boot-admin-server</artifactId> <version>${spring-boot-admin.version}</version> </dependency> <!-- https://mvnrepository.com/artifact/de.codecentric/spring-boot-admin-server-ui --> <dependency> <groupId>de.codecentric</groupId> <artifactId>spring-boot-admin-server-ui</artifactId> <version>${spring-boot-admin.version}</version> </dependency> <!-- security 許可權 --> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency>
在啟動器裡開啟amdinserver
package com.example.admin; import de.codecentric.boot.admin.server.config.EnableAdminServer; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @SpringBootApplication @EnableAdminServer public class AdminApplication { public static void main(String[] args) { SpringApplication.run(AdminApplication.class, args); } }
- @EnableAdminServer 開啟adminserver
新增許可權(參考文件:http://codecentric.github.io/spring-boot-admin/2.0.3/#securing-spring-boot-admin)
@Configuration
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
private final String adminContextPath;
public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
this.adminContextPath = adminServerProperties.getContextPath();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(adminContextPath + "/monitor");
http.authorizeRequests()
.antMatchers(adminContextPath + "/assets/**").permitAll()
.antMatchers(adminContextPath + "/login").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
.logout().logoutUrl(adminContextPath + "/logout").and()
.httpBasic().and()
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringAntMatchers(
adminContextPath + "/instances",
adminContextPath + "/actuator/**"
);
// @formatter:on
}
}
配置application.yml
server:
port: 8500
spring:
boot:
admin:
context-path: monitor # 專案名稱,當然也可以不填啦
建立預設使用者,這裡只是簡單的新增了一個root使用者,其他操作建議去spring.io官網檢視具體的文件
@EnableWebSecurity
public class WebSecurityConfig implements WebMvcConfigurer {
@Bean
public UserDetailsService userDetailsService() throws Exception {
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
manager.createUser(User.withDefaultPasswordEncoder().username("root").password("root").roles("administrator").build());
return manager;
}
}
啟動訪問(http://localhost:8500/monitor )
成功訪問,但是還沒有client註冊進來,接著開整client
二、springboot admin 客戶端(client)
引入依賴
<!-- https://mvnrepository.com/artifact/de.codecentric/spring-boot-admin-starter-client -->
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-client</artifactId>
<version>2.0.3</version>
</dependency>
配置檔案application.yml
server:
port: 8501
servlet:
context-path: /clent1
spring:
boot:
admin:
client:
url: http://localhost:8500/monitor # server服務端的地址
username: root
password: root
instance:
service-base-url: http://localhost:8501 # 本專案的地址
name: clent1
management:
endpoints:
web:
exposure:
include: "*"
endpoint:
health:
show-details: ALWAYS
info:
version: @[email protected]
name: @[email protected]
author: wwq
blog: https://blog.csdn.net/qq_25582683
啟動client
結束,最後附上demo:demo