3

Spring Boot Admin 无需spring-boot-starter-security依赖即可正常工作。一旦我包含它,无论我如何配置安全性(通过 application.yml 或WebSecurityConfigurerAdapter),一切似乎都很奇怪。

我的目标是(1)Spring Boot 管理服务器通过登录(例如 HTTP 基本身份验证)得到保护,并且(2)客户端可以将数据发送到受保护的服务器。

这是我希望工作的配置:

客户端:application.yml

spring:
  boot:
    admin:
      client:
        url:
          - "http://localhost:8090"
        instance:
          metadata:
            user.name: ${myApp.security.usernameAdmin}
            user.password: ${myApp.security.passwordAdmin} 
        username: admin
        password: adminPwd

管理服务器:build.gradle

dependencies {
    compile "de.codecentric:spring-boot-admin-starter-server:2.0.0"
    compile "org.springframework.boot:spring-boot-starter-security"
}

第一次尝试使 管理服务器正常工作:application.yml

server:
  port: 8090

spring:
  security:
    user:
      name: admin
      password: adminPwd

logging:
  level:
    org.springframework.security: DEBUG

结果:客户端无法连接

第二次尝试使 管理服务器正常工作:WebSecurityConfigurerAdapter

@Configuration
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().authenticated()
                .and().httpBasic();
    }

}

结果:客户端无法连接

第三次尝试使 管理服务器正常工作:WebSecurityConfigurerAdapter

@Configuration
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
    private static final String ADMIN_ROLE = "ADMIN";
    private static final String ADMIN_PASSWORD = "adminPwd";
    private static final String ADMIN_USER_NAME = "admin";
    private final String adminContextPath;

    public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
        adminContextPath = adminServerProperties.getContextPath();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // @formatter:off
            SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
            successHandler.setTargetUrlParameter("redirectTo");

            http.authorizeRequests()
                .antMatchers(adminContextPath + "/assets/**").permitAll()
                .antMatchers(adminContextPath + "/login").permitAll()
                .anyRequest().hasRole(ADMIN_ROLE)
                .and()
            .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
            .logout().logoutUrl(adminContextPath + "/logout").and()
            .httpBasic().and()
            .csrf().disable();
            // @formatter:on
    }

    @Override
    @Autowired
    protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .withUser(ADMIN_USER_NAME)
                .password(ADMIN_PASSWORD)
                .roles(ADMIN_ROLE);
        ;
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }
}

结果:客户端无法连接...

4

0 回答 0