Spring Boot Admin with Spring Security: securing the server and the clients to fix the Actuator unauthorized-access vulnerability

I. Server side

1. Add the dependencies

        <dependency>
            <groupId>de.codecentric</groupId>
            <artifactId>spring-boot-admin-starter-server</artifactId>
        </dependency>
        <dependency>
            <groupId>com.alibaba.cloud</groupId>
            <artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
        </dependency>
        <dependency>
            <groupId>com.alibaba.cloud</groupId>
            <artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

2. Write the configuration file

server:
  port: 6080
spring:
  boot:
    admin:
      ui:
        title: 系统监控
  security:
    user:
      # Username and password for the Spring Boot Admin login page; must match what the clients use
      name: admin
      password: 123456
  cloud:
    nacos:
      config:
        server-addr: nacos地址
        username: nacos
        password: nacos
      discovery:
        server-addr: nacos地址
        username: nacos
        password: nacos

3. Write the configuration class

import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    private final String adminContextPath;

    public WebSecurityConfig(AdminServerProperties adminServerProperties) {
        this.adminContextPath = adminServerProperties.getContextPath();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // After a successful form login, send the user back to the page they asked for
        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setTargetUrlParameter("redirectTo");
        successHandler.setDefaultTargetUrl(adminContextPath + "/");

        http
                .headers().frameOptions().disable()
                .and().authorizeRequests()
                // Static assets and the login page stay public; everything else needs a login
                .antMatchers(adminContextPath + "/assets/**",
                        adminContextPath + "/login")
                .permitAll()
                .anyRequest().authenticated()
                .and()
                .formLogin().loginPage(adminContextPath + "/login")
                .successHandler(successHandler).and()
                .logout().logoutUrl(adminContextPath + "/logout")
                .and()
                // HTTP Basic is what the clients use when they register
                .httpBasic().and()
                .csrf()
                .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
                // Client registration and actuator proxy calls carry no CSRF token
                .ignoringAntMatchers(
                        adminContextPath + "/instances",
                        adminContextPath + "/actuator/**"
                );
    }
}

4. Annotate the startup class

import de.codecentric.boot.admin.server.config.EnableAdminServer;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.client.discovery.EnableDiscoveryClient;

@EnableAdminServer
@EnableDiscoveryClient
@SpringBootApplication
public class ServerApp {
    public static void main(String[] args) {
        SpringApplication.run(ServerApp.class, args);
    }
}

II. Client: ordinary client

1. Add the pom dependencies

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-actuator</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>com.alibaba.cloud</groupId>
            <artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
        </dependency>
        <dependency>
            <groupId>com.alibaba.cloud</groupId>
            <artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
        </dependency>
        <dependency>
            <groupId>de.codecentric</groupId>
            <artifactId>spring-boot-admin-client</artifactId>
        </dependency>

2. Write the configuration file

spring:
  boot:
    admin:
      client:
        # Address and port where the server is deployed
        url: http://192.168.1.110:6080
        # Username and password of the Spring Boot Admin login page; must match the server
        username: admin
        password: 123456
        instance:
          prefer-ip: true
          # Actuator: protect against the unauthorized-access vulnerability
          metadata:
            user.name: ${spring.security.user.name}
            user.password: ${spring.security.user.password}
        auto-deregistration: true
        register-once: true
  # Actuator: protect against the unauthorized-access vulnerability
  security:
    user:
      name: client
      password: client123456
  # Nacos configuration
  cloud:
    nacos:
      config:
        server-addr: nacos地址
        username: nacos
        password: nacos
      discovery:
        server-addr: nacos地址
        username: nacos
        password: nacos
        metadata:
          management:
            context-path: ${server.servlet.context-path}/actuator
          # Actuator protection; the same metadata must also be configured in Nacos
          user.name: ${spring.security.user.name}
          user.password: ${spring.security.user.password}

management:
  endpoints:
    web:
      exposure:
        include: '*'
  endpoint:
    health:
      show-details: always
    logfile:
      enabled: true
      # Configure your log file path here so it can be viewed from the Spring Boot Admin server
      external-file: logs/${spring.application.name}.log
  server:
    servlet:
      context-path: ${server.servlet.context-path}

3. Write the configuration class

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.httpBasic()
                .and()
                .authorizeRequests()
                // Only the actuator endpoints require HTTP Basic credentials
                .antMatchers("/actuator/**").authenticated()
                .anyRequest().permitAll()
                .and()
                .csrf().disable();
    }
}

III. Client: Spring Cloud Gateway

When a Spring Cloud Gateway instance acts as a Spring Boot Admin client, the configuration differs from that of an ordinary client.

1. Add the dependencies

        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-gateway</artifactId>
        </dependency>
        <dependency>
            <groupId>de.codecentric</groupId>
            <artifactId>spring-boot-admin-client</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-actuator</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>com.alibaba.cloud</groupId>
            <artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
        </dependency>
        <dependency>
            <groupId>com.alibaba.cloud</groupId>
            <artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
        </dependency>

2. Write the configuration file

Same configuration as the ordinary client.

3. Write the configuration class

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;

@Configuration
@EnableWebFluxSecurity
public class WebSecurityConfig {

    @Bean
    public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
        // The gateway is reactive, so the servlet WebSecurityConfigurerAdapter cannot be used
        http.authorizeExchange()
                // Only the actuator endpoints require authentication
                .pathMatchers("/actuator/**").authenticated()
                .pathMatchers("/**").permitAll()
                .and()
                .httpBasic()
                .and()
                .formLogin()
                .and()
                .csrf().disable();
        return http.build();
    }

}
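A post-deployment check for sections II and III: it confirms that a client's (or the gateway's) /actuator/** rejects anonymous and wrongly-authenticated callers with 401 and still accepts the spring.security.user credentials the admin server forwards. This is an added example, not code from the original post; the client host URL, the fake_client_status stand-in and the "-wrong" password suffix are constructed assumptions.

```python
import base64
import urllib.error
import urllib.request

def basic_auth_header(user, password):
    """Build the HTTP Basic Authorization header that /actuator/** expects."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return {"Authorization": f"Basic {token}"}

def http_status(url, headers=None):
    """GET url and return its HTTP status; 401/403 are returned, not raised."""
    # Accept: application/json makes the gateway's httpBasic entry point answer
    # 401 instead of redirecting to the form-login page as it would for a browser.
    hdrs = {"Accept": "application/json", **(headers or {})}
    req = urllib.request.Request(url, headers=hdrs)
    try:
        with urllib.request.urlopen(req, timeout=5) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code

def audit_actuator(base_url, user, password, status=http_status):
    """Verify a client's /actuator/** rules; base_url includes the context path.
    `status` is injectable so the checks can run against a stand-in offline."""
    good = basic_auth_header(user, password)
    bad = basic_auth_header(user, password + "-wrong")  # constructed wrong password
    results = {
        # /actuator/** is .authenticated(): anonymous and wrong credentials get 401
        "anonymous_health_rejected": status(f"{base_url}/actuator/health") == 401,
        "anonymous_env_rejected": status(f"{base_url}/actuator/env") == 401,
        "wrong_password_rejected": status(f"{base_url}/actuator/health", bad) == 401,
        # the spring.security.user credentials the admin server sends must still work
        "correct_credentials_accepted": status(f"{base_url}/actuator/health", good) == 200,
    }
    results["all_ok"] = all(results.values())
    return results

def fake_client_status(url, headers=None):
    """Constructed stand-in for a client configured as on this page (not a real server)."""
    expected = basic_auth_header("client", "client123456")["Authorization"]
    if "/actuator/" in url:
        return 200 if (headers or {}).get("Authorization") == expected else 401
    return 200  # every other path is .permitAll()

if __name__ == "__main__":
    import sys
    # usage: python audit_actuator.py http://CLIENT_HOST:PORT client client123456
    print(audit_actuator(sys.argv[1], sys.argv[2], sys.argv[3]))
```

Run it against every registered client after rollout; any False entry means that instance still exposes its actuator, and /actuator/env in particular would leak the configuration shown above.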

IV. Notes

1. Registry

If Eureka is used as the registry instead of Nacos, change the client configuration as follows:

spring:
  cloud:
    nacos:
      discovery:
        metadata:
          user.name: ${spring.security.user.name}
          user.password: ${spring.security.user.password}

# change it to the following
eureka:
  instance:
    metadata-map:
      user.name: ${spring.security.user.name}
      user.password: ${spring.security.user.password}