SpringBoot-Actuator-加SpringSecurity验证
来源:互联网 发布:ipad照片导入mac 编辑:程序博客网 时间:2024/06/06 03:49
背景:
系统中自定义了一些EndPoint来做系统的监控,打成jar包的时候,运行的非常完美,但是打成war包放到tomcat以后发现,management.address和management.port参数无效了!
转载请注明出处:http://blog.csdn.net/goldenfish1919/article/details/78130516
这个倒是也能理解,因为war包以后,端口是由tomcat容器来定义的,而不是应用来定义。本来是想定义额外的端口,跟应用的端口隔离开,然后利用防火墙把EndPoint的端口保护起来,现在只能想别的办法了!
先看官网怎么说:
You can use Spring properties to change the username and password and to change the security role(s) required to access the endpoints. For example, you might set the following in your application.properties
:
security.user.name=adminsecurity.user.password=secretmanagement.security.roles=SUPERUSER
If your application has custom security configuration and you want all your actuator endpoints to be accessible without authentication, you need to explicitly configure that in your security configuration. Along with that, you need to change the management.security.enabled
property to false
.
If your custom security configuration secures your actuator endpoints, you also need to ensure that the authenticated user has the roles specified under management.security.roles
.
也就是说可以用Spring Security来加验证。
解决办法:
(1)application.properties
management.context-path=/manageActuatormanagement.security.enabled=falsemanagement.security.roles=SUPERUSERsecurity.user.name=usernamesecurity.user.password=password
不用再配置port和address了。但是仅仅这样还不够,这样访问系统中的所有的接口都会弹出认证的窗口,所以我们还需要:
(2)定制下SpringSecurity:
@Configuration@EnableWebSecuritypublic class ActuatorSecurityConfig extends WebSecurityConfigurerAdapter{@AutowiredEnvironment env;@Override protected void configure(HttpSecurity http) throws Exception {String contextPath = env.getProperty("management.context-path");if(StringUtils.isEmpty(contextPath)) {contextPath = "";}http.csrf().disable(); http.authorizeRequests() .antMatchers("/**"+contextPath+"/**").authenticated() .anyRequest().permitAll() .and().httpBasic(); }}现在就可以只对EndPoint的访问加验证了。
- SpringBoot-Actuator-加SpringSecurity验证
- springboot actuator
- springBoot+springSecurity验证密码MD5加密
- springBoot+springSecurity验证密码MD5加密
- springboot监控actuator使用手册
- SpringBoot特性之Actuator
- SpringBoot-SpringSecurity集成
- springBoot+mybatis+springsecurity整合!
- SpringBoot集成SpringSecurity+CAS
- SpringBoot四大神器之Actuator
- SpringBoot四大神器之Actuator
- SpringBoot四大神器之Actuator
- SpringBoot四大神器之Actuator
- SpringBoot四大神器之Actuator
- springboot-actuator 401 无权限
- SpringBoot四大神器之Actuator
- SpringBoot四大神器之Actuator
- SpringBoot四大神器之Actuator
- Springboot之旅途
- [Geometry] Alpha Shapes
- iOS 使用QLPreviewController预览本地和网络文件
- MySql数据库链接问题ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
- 分布式b2b b2c o2o电子商务云平台
- SpringBoot-Actuator-加SpringSecurity验证
- 快速用matlab求解线性规划
- 传输层TCP和UDP的区别分析与应用场景 有图有真相(转载)
- VS2017 scanf无法使用的解决方法
- 不可恢复错误:(vcpu-0)之折腾虚拟机
- 苹果越来越重视中国
- 《iOS成长之路》开放订阅,和故胤道长 、张嘉夫 、onevcat、叶孤城、没故事的卓同学等技术大牛共同成长
- 三种计算c#程序运行时间的方法
- ORA-20011 ORA-29913 KUP-11024