Spring Security ，Spring Actuator添加登录认证


<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

一、继承WebSecurityConfigurerAdapter

@Configuration(proxyBeanMethods = false)
public class ActuatorSecurity extends WebSecurityConfigurerAdapter {

}

二、配置限制

1. 不认证

@Override

protected void configure(HttpSecurity http) throws Exception {
       /**
       * 所有都能訪問，放棄判斷權限
       */
http.requestMatcher(EndpointRequest.toAnyEndpoint())
.authorizeRequests((requests) -> requests.anyRequest().permitAll());

   }

2. 认证角色

@Override

protected void configure(HttpSecurity http) throws Exception {

       /**
       * 只有角色ENDPOINT_ADMIN可以看
       */
http.requestMatcher(EndpointRequest.toAnyEndpoint())
.authorizeRequests((requests) -> requests.anyRequest().hasRole("ENDPOINT_ADMIN"));
http.httpBasic();

   }

设置后，访问actuator,弹出登录框

三、配置用户名密码角色

1. 内存模式：

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		PasswordEncoder pe = new PasswordEncoder(){

			@Override
			public String encode(CharSequence rawPassword) {
				System.out.println("rawPassword:"+rawPassword.toString());
				return null;
			}

			@Override
			public boolean matches(CharSequence rawPassword, String encodedPassword) {
				System.out.println("rawPassword2:"+rawPassword);
				System.out.println("encodedPassword2:"+encodedPassword);
				if(rawPassword.toString().equals(encodedPassword)){
					return true;
				}
				return false;
			}
			
		};
        auth
            .inMemoryAuthentication().passwordEncoder(pe)
            .withUser("admin").password("admin").roles("ENDPOINT_ADMIN");
    }

2. 数据库模式

auth.userDetailsService(dbUserDetailsService);

四、其他配置限制（未验证）

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers("/resources/**", "/signup", "/about").permitAll()
                .antMatchers("/duno/**").hasRole("ENDPOINT_ADMIN")
                .antMatchers("/db/**").access("hasRole('ADMIN') and hasRole('DBA')")
                .anyRequest().authenticated()
                .and()
            .formLogin()
                .usernameParameter("username")
                .passwordParameter("password")
                .failureForwardUrl("/login?error")
                .loginPage("/login")
                .permitAll()
                .and()
            .logout()
                .logoutUrl("/logout")
                .logoutSuccessUrl("/index")
                .permitAll()
                .and()
            .httpBasic()
                .disable();
    }

版权声明：本文来源CSDN，感谢博主原创文章，遵循 CC 4.0 by-sa 版权协议，转载请附上原文出处链接和本声明。
原文链接：https://blog.csdn.net/yunxing323/article/details/108839740
站方申明：本站部分内容来自社区用户分享，若涉及侵权，请联系站方删除。

发表于 2021-05-15 18:44:08
阅读 ( 1275 )
分类：