剑鸣秋朔

Appearance

章节导航

添加安全访问控制

添加 Spring Security 依赖

xml
<!-- 开启登录认证功能 -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

编写认证配置 

@Configuration
public class SecuritySecureConfig {

    /**
     * 应用上下文路径
     */
    private final String adminContextPath;

    public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
        this.adminContextPath = adminServerProperties.getContextPath();
    }


    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        SavedRequestAwareAuthenticationSuccessHandler
                successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setTargetUrlParameter("redirectTo");
        successHandler.setDefaultTargetUrl(adminContextPath + "/");

        http.authorizeHttpRequests(request -> request
                .requestMatchers(
                        adminContextPath + "/assets/**",
                        adminContextPath + "/login",
                        adminContextPath + "/actuator",
                        adminContextPath + "/actuator/**",
                        adminContextPath + "/instances",
                        adminContextPath + "/instances/**"
                )
                .permitAll()
                .anyRequest().authenticated()
        );


        http.formLogin(login -> login
                .loginPage(adminContextPath + "/login")
                .successHandler(successHandler)
        );

        http.logout(logout -> logout
                .logoutUrl(adminContextPath + "/logout")
        );

        //  http.httpBasic().csrf(csrf ->csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()));

        return http.build();
    }


}

自定义认证信息, 需要对 Spring Security 有基础的认识

配置文件编写

添加登录账号及密码, 登录账号: admin, 登录密码: 123456

yaml
spring:
  # 登录账号和密码配置
  security:
    user:
      name: admin
      password: 123456

展示

启动项目, 访问: http://127.0.0.1:8005/actuator/applications 输入账号密码访问后台

更多

更多配置, 见 https://gitee.com/itdachen/fly-cloud fly-actuator 模块