Eureka Server 增加安全用户认证博客分类： spring boot 实践笔记 spring cloudeureka serversecurity

程序员文章站 2024-03-13 18:53:39

...

环境：spring cloud Finchley.RC2，spring boot 2.0.2.RELEASE，eureka 1.9.0

1. pom 文件中引入依赖

添加spring-security支持:

<dependency> 
     <groupId>org.springframework.boot</groupId> 
     <artifactId>spring-boot-starter-security</artifactId> 
</dependency>

2. application.yml 文件增加管理的用户名密码配置

2.1 增加 spring.security 配置

spring:
  security:
    basic:
      enabled: true
    user:
      name: admin
      password: admin123456

2.2 eureka.client.serviceUrl.defaultZone 修改，增加账号密码

http://${spring.security.user.name}:${spring.security.user.password}@${eureka.instance.hostname}:${server.port}/eureka/

2.3 修改后Eureka Server 的完整的 application.yml 为：

server:
  port: 8082

spring:
  security:
    basic:
      enabled: true
    user:
      name: admin
      password: admin123456

eureka:
  instance:
    hostname: localhost
  client:
    registerWithEureka: false
    fetchRegistry: false
    serviceUrl:
      defaultZone: http://${spring.security.user.name}:${spring.security.user.password}@${eureka.instance.hostname}:${server.port}/eureka/

3. Eureka Server端关闭security的csrf检验

新版的security默认启用了csrf检验，如果不关闭该检验，eureka client端向eureka server注册时，会报如下异常：com.netflix.discovery.shared.transport.TransportException: Cannot execute request on any known server，由于还没研究在启用csrf检验的情况下，eureka client注册服务时如何避免该异常，考虑先关闭csrf检验：

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@EnableWebSecurity
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        super.configure(http);
    }
}

4.eureka client端eureka.client.serviceUrl.defaultZone 修改，增加账号密码

http://${security.username}:${security.password}@localhost:8082/eureka/

增加配置：

security.username=admin

security.password=admin123456

上一篇： Cento OS7yum安装Apache 博客分类：环境 Cento OS 安装Apache

下一篇： Jquery周历插件weekCalendar汉化并实现单日显示博客分类：前端框架技巧 jquery week calendarjquery week calendar中文版

Eureka Server 增加安全用户认证 博客分类： spring boot 实践笔记 spring cloudeureka serversecurity