Spring Security ，Spring Actuator添加登录认证

最新推荐文章于 2025-04-02 10:01:43 发布

三侠剑

最新推荐文章于 2025-04-02 10:01:43 发布

阅读量4.3k

点赞数

分类专栏： SpringBoot

本文链接：https://blog.youkuaiyun.com/yunxing323/article/details/108839740

版权

SpringBoot 专栏收录该内容

35 篇文章

订阅专栏


<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

一、继承WebSecurityConfigurerAdapter

@Configuration(proxyBeanMethods = false)
public class ActuatorSecurity extends WebSecurityConfigurerAdapter {

}

二、配置限制

1. 不认证

@Override

protected void configure(HttpSecurity http) throws Exception {
       /**
       * 所有都能訪問，放棄判斷權限
       */
http.requestMatcher(EndpointRequest.toAnyEndpoint())
.authorizeRequests((requests) -> requests.anyRequest().permitAll());

   }

2. 认证角色

@Override

protected void configure(HttpSecurity http) throws Exception {

       /**
       * 只有角色ENDPOINT_ADMIN可以看
       */
http.requestMatcher(EndpointRequest.toAnyEndpoint())
.authorizeRequests((requests) -> requests.anyRequest().hasRole("ENDPOINT_ADMIN"));
http.httpBasic();

   }

设置后，访问actuator,弹出登录框

三、配置用户名密码角色

1. 内存模式：

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		PasswordEncoder pe = new PasswordEncoder(){

			@Override
			public String encode(CharSequence rawPassword) {
				System.out.println("rawPassword:"+rawPassword.toString());
				return null;
			}

			@Override
			public boolean matches(CharSequence rawPassword, String encodedPassword) {
				System.out.println("rawPassword2:"+rawPassword);
				System.out.println("encodedPassword2:"+encodedPassword);
				if(rawPassword.toString().equals(encodedPassword)){
					return true;
				}
				return false;
			}
			
		};
        auth
            .inMemoryAuthentication().passwordEncoder(pe)
            .withUser("admin").password("admin").roles("ENDPOINT_ADMIN");
    }

2. 数据库模式

auth.userDetailsService(dbUserDetailsService);

四、其他配置限制（未验证）

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers("/resources/**", "/signup", "/about").permitAll()
                .antMatchers("/duno/**").hasRole("ENDPOINT_ADMIN")
                .antMatchers("/db/**").access("hasRole('ADMIN') and hasRole('DBA')")
                .anyRequest().authenticated()
                .and()
            .formLogin()
                .usernameParameter("username")
                .passwordParameter("password")
                .failureForwardUrl("/login?error")
                .loginPage("/login")
                .permitAll()
                .and()
            .logout()
                .logoutUrl("/logout")
                .logoutSuccessUrl("/index")
                .permitAll()
                .and()
            .httpBasic()
                .disable();
    }