From 02a250953092bdaa26dca13accbed53c283f73ec Mon Sep 17 00:00:00 2001 From: macro Date: Thu, 17 Oct 2019 17:26:37 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0SpringBoot=20Admin=E7=9B=91?= =?UTF-8?q?=E6=8E=A7=E4=B8=AD=E5=BF=83=E6=94=AF=E6=8C=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/macro/mall/config/SecurityConfig.java | 2 + .../src/main/resources/application-dev.yml | 10 +++- .../mall/demo/config/SecurityConfig.java | 2 + mall-demo/src/main/resources/application.yml | 8 ++++ mall-monitor/.gitignore | 31 ++++++++++++ mall-monitor/pom.xml | 41 ++++++++++++++++ .../macro/mall/MallMonitorApplication.java | 17 +++++++ .../mall/config/SecuritySecureConfig.java | 47 +++++++++++++++++++ .../src/main/resources/application.yml | 19 ++++++++ .../mall/MallMonitorApplicationTests.java | 16 +++++++ .../mall/portal/config/SecurityConfig.java | 2 + .../src/main/resources/application-dev.yml | 10 +++- .../src/main/resources/application-dev.yml | 10 +++- pom.xml | 7 +++ 14 files changed, 219 insertions(+), 3 deletions(-) create mode 100644 mall-monitor/.gitignore create mode 100644 mall-monitor/pom.xml create mode 100644 mall-monitor/src/main/java/com/macro/mall/MallMonitorApplication.java create mode 100644 mall-monitor/src/main/java/com/macro/mall/config/SecuritySecureConfig.java create mode 100644 mall-monitor/src/main/resources/application.yml create mode 100644 mall-monitor/src/test/java/com/macro/mall/MallMonitorApplicationTests.java diff --git a/mall-admin/src/main/java/com/macro/mall/config/SecurityConfig.java b/mall-admin/src/main/java/com/macro/mall/config/SecurityConfig.java index 1fe13ac..2ff5559 100644 --- a/mall-admin/src/main/java/com/macro/mall/config/SecurityConfig.java +++ b/mall-admin/src/main/java/com/macro/mall/config/SecurityConfig.java @@ -70,6 +70,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { .permitAll() .antMatchers(HttpMethod.OPTIONS)//跨域请求会先进行一次options请求 .permitAll() + .antMatchers("/actuator/**")// 允许SpringBoot Admin 访问监控信息 + .permitAll() // .antMatchers("/**")//测试时全部运行访问 // .permitAll() .anyRequest()// 除上面外的所有请求全部需要鉴权认证 diff --git a/mall-admin/src/main/resources/application-dev.yml b/mall-admin/src/main/resources/application-dev.yml index 71cd82a..3ed4765 100644 --- a/mall-admin/src/main/resources/application-dev.yml +++ b/mall-admin/src/main/resources/application-dev.yml @@ -17,4 +17,12 @@ eureka: register-with-eureka: true fetch-registry: true service-url: - defaultZone: http://localhost:8001/eureka/ \ No newline at end of file + defaultZone: http://localhost:8001/eureka/ +management: #开启SpringBoot Admin的监控 + endpoints: + web: + exposure: + include: '*' + endpoint: + health: + show-details: always \ No newline at end of file diff --git a/mall-demo/src/main/java/com/macro/mall/demo/config/SecurityConfig.java b/mall-demo/src/main/java/com/macro/mall/demo/config/SecurityConfig.java index b672478..fe37ffc 100644 --- a/mall-demo/src/main/java/com/macro/mall/demo/config/SecurityConfig.java +++ b/mall-demo/src/main/java/com/macro/mall/demo/config/SecurityConfig.java @@ -34,6 +34,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { .antMatchers("/").authenticated()//该路径需要登录认证 // .antMatchers("/brand/list").hasAuthority("TEST")//该路径需要TEST权限 .antMatchers("/**").permitAll() + .antMatchers("/actuator/**")// 允许SpringBoot Admin 访问监控信息 + .permitAll() .and()//启用基于http的认证 .httpBasic() .realmName("/") diff --git a/mall-demo/src/main/resources/application.yml b/mall-demo/src/main/resources/application.yml index 78d92f8..640ab81 100644 --- a/mall-demo/src/main/resources/application.yml +++ b/mall-demo/src/main/resources/application.yml @@ -32,3 +32,11 @@ eureka: fetch-registry: true service-url: defaultZone: http://localhost:8001/eureka/ +management: #开启SpringBoot Admin的监控 + endpoints: + web: + exposure: + include: '*' + endpoint: + health: + show-details: always diff --git a/mall-monitor/.gitignore b/mall-monitor/.gitignore new file mode 100644 index 0000000..a2a3040 --- /dev/null +++ b/mall-monitor/.gitignore @@ -0,0 +1,31 @@ +HELP.md +target/ +!.mvn/wrapper/maven-wrapper.jar +!**/src/main/** +!**/src/test/** + +### STS ### +.apt_generated +.classpath +.factorypath +.project +.settings +.springBeans +.sts4-cache + +### IntelliJ IDEA ### +.idea +*.iws +*.iml +*.ipr + +### NetBeans ### +/nbproject/private/ +/nbbuild/ +/dist/ +/nbdist/ +/.nb-gradle/ +build/ + +### VS Code ### +.vscode/ diff --git a/mall-monitor/pom.xml b/mall-monitor/pom.xml new file mode 100644 index 0000000..9ef7620 --- /dev/null +++ b/mall-monitor/pom.xml @@ -0,0 +1,41 @@ + + + 4.0.0 + com.macro.mall + mall-monitor + 0.0.1-SNAPSHOT + mall-monitor + mall-monitor project for mall + + + com.macro.mall + mall + 1.0-SNAPSHOT + + + + + org.springframework.cloud + spring-cloud-starter-netflix-eureka-client + + + de.codecentric + spring-boot-admin-starter-server + + + org.springframework.boot + spring-boot-starter-security + + + + + + + org.springframework.boot + spring-boot-maven-plugin + + + + + diff --git a/mall-monitor/src/main/java/com/macro/mall/MallMonitorApplication.java b/mall-monitor/src/main/java/com/macro/mall/MallMonitorApplication.java new file mode 100644 index 0000000..db6062f --- /dev/null +++ b/mall-monitor/src/main/java/com/macro/mall/MallMonitorApplication.java @@ -0,0 +1,17 @@ +package com.macro.mall; + +import de.codecentric.boot.admin.server.config.EnableAdminServer; +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.cloud.client.discovery.EnableDiscoveryClient; + +@EnableDiscoveryClient +@EnableAdminServer +@SpringBootApplication +public class MallMonitorApplication { + + public static void main(String[] args) { + SpringApplication.run(MallMonitorApplication.class, args); + } + +} diff --git a/mall-monitor/src/main/java/com/macro/mall/config/SecuritySecureConfig.java b/mall-monitor/src/main/java/com/macro/mall/config/SecuritySecureConfig.java new file mode 100644 index 0000000..785ca3a --- /dev/null +++ b/mall-monitor/src/main/java/com/macro/mall/config/SecuritySecureConfig.java @@ -0,0 +1,47 @@ +package com.macro.mall.config; + +import de.codecentric.boot.admin.server.config.AdminServerProperties; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; +import org.springframework.security.web.csrf.CookieCsrfTokenRepository; + +/** + * Created by macro on 2019/9/30. + */ +@Configuration +public class SecuritySecureConfig extends WebSecurityConfigurerAdapter { + private final String adminContextPath; + + public SecuritySecureConfig(AdminServerProperties adminServerProperties) { + this.adminContextPath = adminServerProperties.getContextPath(); + } + + @Override + protected void configure(HttpSecurity http) throws Exception { + SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); + successHandler.setTargetUrlParameter("redirectTo"); + successHandler.setDefaultTargetUrl(adminContextPath + "/"); + + http.authorizeRequests() + //1.配置所有静态资源和登录页可以公开访问 + .antMatchers(adminContextPath + "/assets/**").permitAll() + .antMatchers(adminContextPath + "/login").permitAll() + .anyRequest().authenticated() + .and() + //2.配置登录和登出路径 + .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and() + .logout().logoutUrl(adminContextPath + "/logout").and() + //3.开启http basic支持,admin-client注册时需要使用 + .httpBasic().and() + .csrf() + //4.开启基于cookie的csrf保护 + .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) + //5.忽略这些路径的csrf保护以便admin-client注册 + .ignoringAntMatchers( + adminContextPath + "/instances", + adminContextPath + "/actuator/**" + ); + } +} diff --git a/mall-monitor/src/main/resources/application.yml b/mall-monitor/src/main/resources/application.yml new file mode 100644 index 0000000..6490fa8 --- /dev/null +++ b/mall-monitor/src/main/resources/application.yml @@ -0,0 +1,19 @@ +spring: + application: + name: mall-monitor + security: # 配置登录用户名和密码 + user: + name: macro + password: 123456 + boot: # 不显示admin-server的监控信息 + admin: + discovery: + ignored-services: ${spring.application.name} +server: + port: 8101 +eureka: + client: + register-with-eureka: true + fetch-registry: true + service-url: + defaultZone: http://localhost:8001/eureka/ diff --git a/mall-monitor/src/test/java/com/macro/mall/MallMonitorApplicationTests.java b/mall-monitor/src/test/java/com/macro/mall/MallMonitorApplicationTests.java new file mode 100644 index 0000000..77e3b62 --- /dev/null +++ b/mall-monitor/src/test/java/com/macro/mall/MallMonitorApplicationTests.java @@ -0,0 +1,16 @@ +package com.macro.mall; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.context.junit4.SpringRunner; + +@RunWith(SpringRunner.class) +@SpringBootTest +public class MallMonitorApplicationTests { + + @Test + public void contextLoads() { + } + +} diff --git a/mall-portal/src/main/java/com/macro/mall/portal/config/SecurityConfig.java b/mall-portal/src/main/java/com/macro/mall/portal/config/SecurityConfig.java index ac40ba0..574b06a 100644 --- a/mall-portal/src/main/java/com/macro/mall/portal/config/SecurityConfig.java +++ b/mall-portal/src/main/java/com/macro/mall/portal/config/SecurityConfig.java @@ -51,6 +51,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { .permitAll() .antMatchers("/member/**","/returnApply/**")// 测试时开启 .permitAll() + .antMatchers("/actuator/**")// 允许SpringBoot Admin 访问监控信息 + .permitAll() .anyRequest()// 除上面外的所有请求全部需要鉴权认证 .authenticated() .and() diff --git a/mall-portal/src/main/resources/application-dev.yml b/mall-portal/src/main/resources/application-dev.yml index b207181..24021e7 100644 --- a/mall-portal/src/main/resources/application-dev.yml +++ b/mall-portal/src/main/resources/application-dev.yml @@ -21,7 +21,7 @@ spring: host: localhost # Redis服务器地址 database: 0 # Redis数据库索引(默认为0) port: 6379 # Redis服务器连接端口 - password: # Redis服务器连接密码(默认为空) + password: 123456 # Redis服务器连接密码(默认为空) jedis: pool: max-active: 8 # 连接池最大连接数(使用负值表示没有限制) @@ -48,4 +48,12 @@ eureka: fetch-registry: true service-url: defaultZone: http://localhost:8001/eureka/ +management: #开启SpringBoot Admin的监控 + endpoints: + web: + exposure: + include: '*' + endpoint: + health: + show-details: always diff --git a/mall-search/src/main/resources/application-dev.yml b/mall-search/src/main/resources/application-dev.yml index 92fbe2e..29e2a50 100644 --- a/mall-search/src/main/resources/application-dev.yml +++ b/mall-search/src/main/resources/application-dev.yml @@ -22,4 +22,12 @@ eureka: register-with-eureka: true fetch-registry: true service-url: - defaultZone: http://localhost:8001/eureka/ \ No newline at end of file + defaultZone: http://localhost:8001/eureka/ +management: #开启SpringBoot Admin的监控 + endpoints: + web: + exposure: + include: '*' + endpoint: + health: + show-details: always \ No newline at end of file diff --git a/pom.xml b/pom.xml index 51ea892..54852e5 100644 --- a/pom.xml +++ b/pom.xml @@ -41,6 +41,7 @@ 0.9.0 2.5.0 5.3 + 2.1.5 1.0-SNAPSHOT 1.0-SNAPSHOT @@ -164,6 +165,12 @@ logstash-logback-encoder ${logstash-logback.version} + + + de.codecentric + spring-boot-admin-starter-server + ${admin-starter-server.version} +