有没有办法向admin servlet添加登录安全性?
似乎在V0.7中,您可以将以下两个添加到您的yaml文件中:
adminUsername: user1234
adminPassword: pass5678
但是我在最新版本(0.9.2)中尝试了它并且它给了我一个错误说: server.yaml有错误:
* Unrecognized field at: server.adminConnectors.[0].adminUsername
Did you mean?:
- soLingerTime
- bindHost
- idleTimeout
- useServerHeader
- useDateHeader
[14 more]
这就是我所拥有的:
adminConnectors:
- type: http
port: 9180
adminUsername: user1234
adminPassword: pass5678
答案 0 :(得分:0)
我在Heroku上运行一个应用程序,它只允许应用程序提供单个端口。我在我的应用程序(Kotlin)的AdminServlet方法中将run()附加到主HTTP端口(8080):
environment.applicationContext.apply {
setAttribute(MetricsServlet.METRICS_REGISTRY, environment.metrics())
setAttribute(HealthCheckServlet.HEALTH_CHECK_REGISTRY, environment.healthChecks())
addServlet(NonblockingServletHolder(AdminServlet()), "/admin/*")
}
然后,我用BasicAuthFilter保护这条路径(仍然是Kotlin,你应该使用它):
val basicAuthFilter = BasicAuthFilter("admin", configuration.adminUsername, configuration.adminPassword)
val adminFilter = environment.servlets().addFilter("AdminFilter", basicAuthFilter)
adminFilter.addMappingForUrlPatterns(EnumSet.of(DispatcherType.REQUEST), false, "/admin/*")