Spring Boot Admin版本:2.0.4
我正在尝试支持LDAP安全性以登录到Spring Boot Admin,但也支持BasicAuthentication对客户端注册到SPA服务器。在LDAP完全关闭的情况下,我无法让客户端向服务器注册。
我得到的错误
无法将应用程序注册为Application(name = spring-boot-application,managementUrl = ....
服务器application.yml
spring.security.user.name: admin
spring.security.user.password: admin
我已配置但已关闭LDAP的安全性,我现在正尝试保护端点。
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final String adminContextPath;
public SecurityConfig(AdminServerProperties adminServerProperties) {
this.adminContextPath = adminServerProperties.getContextPath();
}
@Autowired
private LDAPConfig ldapConfig;
/**
* Configure LDAP as AuthN manager.
* @param auth
* @throws Exception
*/
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
try {
auth
.eraseCredentials(false)
.ldapAuthentication()
.ldapAuthoritiesPopulator(new DSTLdapAuthoritiesPopulator())
.userDnPatterns(ldapConfig.getUserDnPatterns())
.contextSource()
.url(ldapConfig.getUrl());
} catch (Exception e) {
throw new BeanInitializationException("Security configuration failed", e);
}
}
/**
* Taken from official example: http://codecentric.github.io/spring-boot-admin/2.0.4/#_securing_spring_boot_admin_server
* Configure login page.
*/
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic();
if (ldapConfig.isEnabled()) {
// @formatter:off
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(adminContextPath + "/");
http.authorizeRequests()
.antMatchers(adminContextPath + "/assets/**").permitAll()
.antMatchers(adminContextPath + "/login").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
.logout().logoutUrl(adminContextPath + "/logout").and()
.httpBasic().and()
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringAntMatchers(
adminContextPath + "/instances",
adminContextPath + "/actuator/**"
);
// If grant-access-to-groups is not configured in application.yml, any WSS-MASTER users are allowed to login to BootAdmin
if( ldapConfig.getGrantAccessToGroups() == null ) {
http.authorizeRequests().antMatchers("/**").authenticated();
} else {
// Only users in the group are allowed to login to BootAdmin.
// secure all access to only a certain group of users
http.authorizeRequests().antMatchers("/**").hasAnyRole(ldapConfig.getGrantAccessToGroups());
}
}
}
}
使用Petclinic Spring Boot应用程序 2.1.0-SNAPSHOT(不确定该版本是否是我的问题)
application.properties
management.endpoints.web.base-path=/manage
spring.boot.admin.client.url=http://localhost:8081
management.endpoints.web.exposure.include=*
management.endpoint.health.show-details=always
# Secure the registration at the server.
spring.boot.admin.client.username=admin
spring.boot.admin.client.password=admin
# This secures the client endpoints
spring.security.user.name=admin
spring.security.user.password=admin
# These are used by the server to access protected endpoints.
spring.boot.admin.client.instance.metadata.user.name=admin
spring.boot.admin.client.instance.metadata.user.password=admin
答案 0 :(得分:0)
还尝试设置服务器属性
spring.boot.admin。用户名:admin
spring.boot.admin.password:管理员
在服务器application.yml
中