美文网首页
用Spring Security 为Spring Actuato

用Spring Security 为Spring Actuato

作者: 惜时流光沿途留殇 | 来源:发表于2021-04-01 21:49 被阅读0次

    添加依赖

    <dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>

    配置类

    import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {

        auth.inMemoryAuthentication().withUser("admin").password("123456").roles("ADMIN").and().passwordEncoder(new MyPasswordEncoder());
    }

    @Bean
    @Override
    protected AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //对actuator监控所用的访问全部需要认证
       /* http.formLogin().and().authorizeRequests().antMatchers("/actuator**").authenticated().and().formLogin()
                .loginProcessingUrl("/actuator/");
*/
        http.csrf().disable(); // 关闭跨站检测
        http.authorizeRequests().antMatchers("/actuator**").authenticated(); // 所有的请求全验证
        http.formLogin().loginPage("/security/login").loginProcessingUrl("/login_check").failureUrl("/security/login").defaultSuccessUrl("/actuator/").permitAll();
        http.logout().logoutUrl("/security/logout").permitAll();

    }
}


    import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {

        auth.inMemoryAuthentication().withUser("admin").password("123456").roles("ADMIN").and().passwordEncoder(new MyPasswordEncoder());
    }

    @Bean
    @Override
    protected AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //对actuator监控所用的访问全部需要认证
       /* http.formLogin().and().authorizeRequests().antMatchers("/actuator**").authenticated().and().formLogin()
                .loginProcessingUrl("/actuator/");
*/
        http.csrf().disable(); // 关闭跨站检测
        http.authorizeRequests().antMatchers("/actuator**").authenticated(); // 所有的请求全验证
        http.formLogin().loginPage("/security/login").loginProcessingUrl("/login_check").failureUrl("/security/login").defaultSuccessUrl("/actuator/").permitAll();
        http.logout().logoutUrl("/security/logout").permitAll();

    }
}

    ThymeLeaf配置

    ###ThymeLeaf配置
spring:
  thymeleaf:
    #模板的模式,支持 HTML, XML TEXT JAVASCRIPT
    mode: HTML5
    #编码 可不用配置
    encoding: UTF-8
    #内容类别,可不用配置
    content-type: text/html
    #开发配置为false,避免修改模板还要重启服务器
    cache: false
    #配置模板路径,默认是templates,可以不用配置
    prefix: classpath:/templates

    添加一个Controller路径为/security/login

    @RequestMapping("/security/login")
    public ModelAndView login() {
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("login.html");
        modelAndView.addObject("msg","欢迎来到登录页面");
        return modelAndView;
    }

    新建一个login.html

    
<!DOCTYPE html>
<html xmlns:th="http://www.w3.org/1999/xhtml">
<head>
    <meta charset="UTF-8">

    <title>Insert title here</title>
</head>
<body>
登录页面   <p th:text="${msg}"></p>
<form action="/login_check" method="post">
    <input type="text" name="username" />
    </br>
    </br>
    <input type="text" name="password" />
    </br>
    </br>
    <input type="submit" value="登录" /></br>
</form>


</body>

    相关文章

      网友评论

          本文标题:用Spring Security 为Spring Actuato

          本文链接:https://www.haomeiwen.com/subject/buexkltx.html

          延伸阅读

          深度阅读

          • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

          栏目导航

          热点阅读

          关于我们|服务条款|联系我们|用Spring Security 为Spring Actuato|投稿指南|网站地图|RSS订阅|排版工具|手机版

          提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

          Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

          备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

          本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

          所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!