Spring Boot Admin 2.0.0:客户端无法连接到安全服务器

时间:2018-06-14 15:52:07

标签: java spring-boot spring-security spring-boot-admin

Spring Boot Admin在没有spring-boot-starter-security依赖关系的情况下正常工作。只要我包含它,无论我如何配置安全性(通过application.yml或WebSecurityConfigurerAdapter),一切看起来都很奇怪。

我的目标是(1)Spring Boot Admin Server通过登录(例如HTTP Basic Auth)保护,(2)客户端可以将数据发送到安全服务器。

这是我期望的配置:

客户:application.yml 

spring:
  boot:
    admin:
      client:
        url:
          - "http://localhost:8090"
        instance:
          metadata:
            user.name: ${myApp.security.usernameAdmin}
            user.password: ${myApp.security.passwordAdmin} 
        username: admin
        password: adminPwd

管理员服务器:build.gradle 

dependencies {
    compile "de.codecentric:spring-boot-admin-starter-server:2.0.0"
    compile "org.springframework.boot:spring-boot-starter-security"
}

第一次尝试让事情有效 管理员服务器:application.yml 

server:
  port: 8090

spring:
  security:
    user:
      name: admin
      password: adminPwd

logging:
  level:
    org.springframework.security: DEBUG

结果:客户端无法连接

第二次尝试让事情有效 管理员服务器:WebSecurityConfigurerAdapter 

@Configuration
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().authenticated()
                .and().httpBasic();
    }

}

结果:客户端无法连接

第三次尝试让事情有效 管理员服务器:WebSecurityConfigurerAdapter 

@Configuration
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
    private static final String ADMIN_ROLE = "ADMIN";
    private static final String ADMIN_PASSWORD = "adminPwd";
    private static final String ADMIN_USER_NAME = "admin";
    private final String adminContextPath;

    public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
        adminContextPath = adminServerProperties.getContextPath();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // @formatter:off
            SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
            successHandler.setTargetUrlParameter("redirectTo");

            http.authorizeRequests()
                .antMatchers(adminContextPath + "/assets/**").permitAll()
                .antMatchers(adminContextPath + "/login").permitAll()
                .anyRequest().hasRole(ADMIN_ROLE)
                .and()
            .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
            .logout().logoutUrl(adminContextPath + "/logout").and()
            .httpBasic().and()
            .csrf().disable();
            // @formatter:on
    }

    @Override
    @Autowired
    protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .withUser(ADMIN_USER_NAME)
                .password(ADMIN_PASSWORD)
                .roles(ADMIN_ROLE);
        ;
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }
}

结果:客户端无法连接...

0 个答案:

没有答案
相关问题
最新问题