微服务:整合 Spring Boot Admin - 开启Security安全认证

Posted IT工匠

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了微服务:整合 Spring Boot Admin - 开启Security安全认证相关的知识,希望对你有一定的参考价值。

一、前言

  监控类的数据 Web 管理端最好不要设置成直接通过输入访问地址就可以访问,必须得进行用户认证才行,以保证数据的安全性。Spring Boot Admin 开启认证也可以借助于 spring-boot-starter-security。

二、代码演示

1、microservice-monitor-server -> pom.xml

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <parent>
        <artifactId>microservice-minitor</artifactId>
        <groupId>com.microservice</groupId>
        <version>1.0-SNAPSHOT</version>
    </parent>
    <modelVersion>4.0.0</modelVersion>

    <artifactId>microservice-monitor-server</artifactId>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>de.codecentric</groupId>
            <artifactId>spring-boot-admin-starter-server</artifactId>
            <version>2.2.0</version>
        </dependency>

        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

    </dependencies>
    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>
</project>

监控中心需要添加 spring-boot-starter-security 的依赖。

2、microservice-monitor-server -> application.yml

server:
  port: 8888
spring:
  application:
    name: SpringBootAdmin
  boot:
    admin:
      ui:
        title: SpringBootAdmin-Server
  security:
    user:
      name: "admin"
      password: "admin"

eureka:
  instance:
    hostname: localhost
    metadata-map:
      user.name: ${spring.security.user.name}
      user.password: ${spring.security.user.password}
  client:
    register-with-eureka: true
    fetch-registry: true
    serviceUrl:
      defaultZone: http://localhost:8001/register/eureka/


3、microservice-monitor-server -> MonitorWebSecurityConfigure.java

package com.microservice.minitor.config;

import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;

@EnableWebSecurity
public class MonitorWebSecurityConfigure extends WebSecurityConfigurerAdapter {
    private final String adminContextPath;

    public MonitorWebSecurityConfigure(AdminServerProperties adminServerProperties) {
        this.adminContextPath = adminServerProperties.getContextPath();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // @formatter:off
        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setTargetUrlParameter("redirectTo");
        successHandler.setDefaultTargetUrl(adminContextPath + "/");

        http.authorizeRequests()
                //授予对所有静态资产和登录页面的公共访问权限。
                .antMatchers(adminContextPath + "/assets/**").permitAll()
                .antMatchers(adminContextPath + "/login").permitAll()
                //必须对每个其他请求进行身份验证
                .anyRequest().authenticated()
                .and()
                //配置登录和注销
                .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
                .logout().logoutUrl(adminContextPath + "/logout").and()
                //启用HTTP-Basic支持。这是Spring Boot Admin Client注册所必需的
                .httpBasic().and();
        // @formatter:on
    }
}

三、运行测试

启动注册中心 =》启动监控中心

打开Url:http://localhost:8888 会自动跳转到 http://localhost:8888/login

 

 使用我们在application.yml中配置的用户名及密码,登录之后

 

以上是关于微服务:整合 Spring Boot Admin - 开启Security安全认证的主要内容,如果未能解决你的问题,请参考以下文章

Spring Boot Admin 微服务监控管理

Spring Boot Admin 微服务监控管理

Spring Boot Admin + Docker 部署服务

spring boot admin + spring boot actuator + erueka 微服务监控

微服务架构之spring boot admin

SpringCloud微服务监控Spring Boot Admin