首頁猿問 Spring Boot 身份驗(yàn)證...

Spring Boot 身份驗(yàn)證 - 管理控制臺(tái) 403 響應(yīng)客戶端

Java

尚方寶劍之說 2022-06-15 15:51:06

我正在使用 jdk 1.8 和 Spring boot 2.1.2。我想在 Spring Boot 的管理控制臺(tái)及其客戶端中啟用身份驗(yàn)證。我在Administration application.properties中設(shè)置：spring.security.user.name=adminspring.security.user.password=secretspring.boot.admin.discovery.enabled=truemanagement.endpoints.web.exposure.include=*management.endpoints.web.cors.allowed-methods=GET,POST在管理項(xiàng)目中，我添加了這個(gè)類：@EnableWebSecurity@Configurationpublic class SecuritySecureConfig extends WebSecurityConfigurerAdapter { private static final Logger logger = (Logger) LoggerFactory.getLogger(SecuritySecureConfig.class); private final String adminContextPath; public SecuritySecureConfig(AdminServerProperties adminServerProperties) { this.adminContextPath = adminServerProperties.getContextPath(); } @Overrideprotected void configure(HttpSecurity http) throws Exception { SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); successHandler.setTargetUrlParameter("redirectTo"); successHandler.setDefaultTargetUrl(adminContextPath + "/"); http.authorizeRequests() .antMatchers(adminContextPath + "/assets/**").permitAll() .antMatchers(adminContextPath + "/login").permitAll() .anyRequest().authenticated() .and() .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and() .logout().logoutUrl(adminContextPath + "/logout").and() .httpBasic().and() .csrf() .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) .ignoringAntMatchers( adminContextPath + "/instances", adminContextPath + "/actuator/**" ); }}

查看完整描述

1 回答

皈依舞

TA貢獻(xiàn)1851條經(jīng)驗(yàn) 獲得超3個(gè)贊

我有同樣的問題，所以使用

@EnableWebFluxSecurity

并不是

@EnableWebSecurity

像這樣

@Configuration

@EnableWebFluxSecurity

public class AppSecurityConfig {

private final AdminServerProperties adminServer;

public AppSecurityConfig (AdminServerProperties adminServer) {

this.adminServer = adminServer;

}

@Bean

public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {

http

.securityMatcher(new NegatedServerWebExchangeMatcher(

ServerWebExchangeMatchers.pathMatchers("/instances")))

.securityMatcher(new NegatedServerWebExchangeMatcher(

ServerWebExchangeMatchers.pathMatchers("/actuator/**")))

.authorizeExchange()

.anyExchange().authenticated()

.and()

.formLogin()

.loginPage(this.adminServer.getContextPath() + "/login")

.and()

.logout()

.logoutUrl(this.adminServer.getContextPath() + "/logout")

.and()

.httpBasic()

.and()

.csrf().disable();

return http.build();

} }

在你的 application.yml

spring:

security:

user:

password: ${ADMIN_PASSWORD}

application:

boot:

admin:

client:

username: ${ADMIN_USER}

password: ${ADMIN_PASSWORD}

url: ${ADMIN_SERVER_URL}

enabled: true

ui:

cache:

no-cache: true

title: App Monitoring

instance:

main:

allow-bean-definition-overriding: true

management:

endpoints:

web:

exposure:

include: "*"

cors:

allowed-origins: "*"

allowed-methods: GET,POST

endpoint:

health:

show-details: always

如果您愿意，它可以自行監(jiān)控

在客戶端應(yīng)用程序中

spring:

boot:

admin:

client:

url: ${ADMIN_SERVER_URL}

username: ${ADMIN_USER}

password: ${ADMIN_PASSWORD}

instance:

auto-registration: true

application:

反對回復(fù) 2022-06-15

1 回答
0 關(guān)注
222 瀏覽

關(guān)注

添加回答

舉報(bào)

0/150

提交

取消

使用 Ctrl+D 可將網(wǎng)站添加到書簽

微信客服

購課補(bǔ)貼
聯(lián)系客服咨詢優(yōu)惠詳情

幫助反饋 APP下載

慕課網(wǎng)APP
您的移動(dòng)學(xué)習(xí)伙伴

公眾號(hào)

掃描二維碼
關(guān)注慕課網(wǎng)微信公眾號(hào)

第七色在线视频,2021少妇久久久久久久久久,亚洲欧洲精品成人久久av18,亚洲国产精品特色大片观看完整版,孙宇晨将参加特朗普的晚宴

熱搜

最近搜索清空

Spring Boot 身份驗(yàn)證 - 管理控制臺(tái) 403 響應(yīng)客戶端

Spring Boot 身份驗(yàn)證 - 管理控制臺(tái) 403 響應(yīng)客戶端

1 回答

添加回答