源码怎样做网站,软文推广页面,网站怎么免费做推广方案,浙江建设职业技术学院尔雅网站Spring Boot Admin 监控平台
背景#xff1a;Spring Boot Admin 监控平台不添加鉴权就直接访问的话#xff0c;是非常不安全的。所以在生产环境中使用时#xff0c;需要添加鉴权#xff0c;只有通过鉴权后才能监控客户端服务。本文整合Spring Security进行实现。 pom依赖 …Spring Boot Admin 监控平台
背景Spring Boot Admin 监控平台不添加鉴权就直接访问的话是非常不安全的。所以在生产环境中使用时需要添加鉴权只有通过鉴权后才能监控客户端服务。本文整合Spring Security进行实现。 pom依赖 dependenciesdependencygroupIdorg.springframework.boot/groupIdartifactIdspring-boot-starter-web/artifactId/dependencydependencygroupIdde.codecentric/groupIdartifactIdspring-boot-admin-starter-server/artifactIdversion2.6.11/version/dependency!--alibaba-nacos-discovery(阿里注册中心discovery)--dependencygroupIdcom.alibaba.cloud/groupIdartifactIdspring-cloud-starter-alibaba-nacos-discovery/artifactId/dependencydependencygroupIdorg.springframework.boot/groupIdartifactIdspring-boot-starter-security/artifactId/dependency/dependenciesdependencyManagementdependencies!--Spring Boot 相关依赖--dependencygroupIdorg.springframework.boot/groupIdartifactIdspring-boot-starter-parent/artifactIdversion2.5.3/versiontypepom/typescopeimport/scope/dependency!--Spring Cloud 相关依赖--dependencygroupIdorg.springframework.cloud/groupIdartifactIdspring-cloud-dependencies/artifactIdversion2020.0.5/versiontypepom/typescopeimport/scope/dependency!--Spring Cloud Alibaba 相关依赖--dependencygroupIdcom.alibaba.cloud/groupIdartifactIdspring-cloud-alibaba-dependencies/artifactIdversion2021.1/versiontypepom/typescopeimport/scope/dependency/dependencies/dependencyManagementyml配置
server:port: 18000spring:application:name: admin-serversecurity:user:name: adminpassword: admincloud:nacos:discovery:enabled: trueserver-addr: 127.0.0.1:8848group: admin #指定groupnamespace: publicservice: ${spring.application.name}启动类EnableAdminServer
package com.admin;import de.codecentric.boot.admin.server.config.EnableAdminServer;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.client.discovery.EnableDiscoveryClient;EnableDiscoveryClient
EnableAdminServer
SpringBootApplication
public class AdminServerApplication {public static void main(String[] args) {SpringApplication.run(AdminServerApplication.class,args);}
}安全配置类SecuritySecureConfig.java
package com.admin.config;import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;Configuration(proxyBeanMethods false)
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {private final String adminContextPath;public SecuritySecureConfig(AdminServerProperties adminServerProperties) {this.adminContextPath adminServerProperties.getContextPath();}Overrideprotected void configure(HttpSecurity http) throws Exception {SavedRequestAwareAuthenticationSuccessHandler successHandler new SavedRequestAwareAuthenticationSuccessHandler();successHandler.setTargetUrlParameter( redirectTo );http.authorizeRequests().antMatchers( adminContextPath /assets/** ).permitAll().antMatchers( adminContextPath /login ).permitAll().anyRequest().authenticated().and().formLogin().loginPage( adminContextPath /login ).successHandler( successHandler ).and().logout().logoutUrl( adminContextPath /logout ).and().httpBasic().and().csrf().disable();}
}服务启动成功后访问链接http://127.0.0.1:18000。需要先进行登录admin-admin才能进入控制台页面。
客户端服务
背景客户端服务的检查接口/actuator/**默认可以直接通过接口调用是非常不安全的。所以在生产环境中使用时可添加鉴权功能提升安全性。 pom依赖 dependenciesdependencygroupIdorg.springframework.boot/groupIdartifactIdspring-boot-starter-web/artifactId/dependencydependencygroupIdorg.springframework.boot/groupIdartifactIdspring-boot-starter-actuator/artifactId/dependencydependencygroupIdde.codecentric/groupIdartifactIdspring-boot-admin-starter-client/artifactIdversion2.6.11/version/dependencydependencygroupIdorg.projectlombok/groupIdartifactIdlombok/artifactIdversion1.16.14/versionscopeprovided/scope/dependency!-- alibaba-nacos-discovery(阿里注册中心discovery)--dependencygroupIdcom.alibaba.cloud/groupIdartifactIdspring-cloud-starter-alibaba-nacos-discovery/artifactId/dependencydependencygroupIdorg.springframework.boot/groupIdartifactIdspring-boot-starter-security/artifactId/dependency/dependenciesdependencyManagementdependencies!--Spring Boot 相关依赖--dependencygroupIdorg.springframework.boot/groupIdartifactIdspring-boot-starter-parent/artifactIdversion2.5.3/versiontypepom/typescopeimport/scope/dependency!--Spring Cloud 相关依赖--dependencygroupIdorg.springframework.cloud/groupIdartifactIdspring-cloud-dependencies/artifactIdversion2020.0.5/versiontypepom/typescopeimport/scope/dependency!--Spring Cloud Alibaba 相关依赖--dependencygroupIdcom.alibaba.cloud/groupIdartifactIdspring-cloud-alibaba-dependencies/artifactIdversion2021.1/versiontypepom/typescopeimport/scope/dependency/dependencies/dependencyManagementyml配置通过Url注册
spring:security:user:name: userpassword: userapplication:name: admin-order# spring boot adminboot:admin:client:url: http://127.0.0.1:18000username: adminpassword: admininstance:prefer-ip: truename: admin-order# 这个name与password用于在注册到管理端时使管理端有权限获取客户端端点数据metadata: user.name: ${spring.security.user.name}user.password: ${spring.security.user.password}
server:port: 18001servlet:context-path: /order# endpoints config
management:endpoints:web:exposure:include: *endpoint:health:show-details: alwayslogging:# 只有配置了日志文件才能被监控收集file:name: logs/${spring.application.name}/${spring.application.name}.logyml配置通过注册中心注册
spring:security:user:name: userpassword: userapplication:name: admin-ordercloud:nacos:discovery:metadata:# 为服务实例添加一个名为“user.name”的元数据项并将其值设置为指定的服务用户名。这个用户名通常用于进行鉴权以确保只有授权的用户才能访问该服务。user.name: ${spring.security.user.name}user.password: ${spring.security.user.password}management:# 表示Actuator端点的上下文路径。具体地说这个属性的作用是将Actuator端点的上下文路径设置为${server.servlet.context-path}/actuatorcontext-path: ${server.servlet.context-path}/actuatorenabled: trueserver-addr: 127.0.0.1:8848group: admin #指定groupnamespace: publicservice: ${spring.application.name}server:port: 18001servlet:context-path: /order# endpoints config
management:endpoints:web:exposure:include: *endpoint:health:show-details: alwayslogging:# 只有配置了日志文件才能被监控收集file:name: logs/${spring.application.name}/${spring.application.name}.log启动类
package com.admin;import lombok.extern.slf4j.Slf4j;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.client.discovery.EnableDiscoveryClient;Slf4j
EnableDiscoveryClient
SpringBootApplication
public class AdminOrderApp {public static void main(String[] args) {SpringApplication.run(AdminOrderApp.class, args);}
}服务启动成功后访问监控平台就能监控admin-order服务了。 注意如果监控平台上没有看见客户端服务则需要重启Spring Boot Admin 监控服务
