簡介
註冊中心界面添加用戶名密碼才能訪問
服務端
引入spring-security
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
配置中加入security的配置
spring:
application:
name: center-server
profiles:
active: dev
security:
user:
name: admin
password: nmamtf
這裏是spring-boot2的方式,如果是老版本,配置方式不同
允許/eureka/**開頭的連接不受權限控制
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().ignoringAntMatchers("/eureka/**");
super.configure(http);
}
}
客戶端
同樣需要引入spring-security
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
配置中加入security的配置
spring:
application:
name: center-server
profiles:
active: dev
security:
user:
name: admin
password: nmamtf
另外,配置註冊中心服務器的地址的時候需要加上用戶名密碼
eureka:
client:
serviceUrl:
defaultZone: http://admin:[email protected]:1111/manage/serverCenter/eureka/
配置普通接口不受權限控制
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
//普通的接口不需要校驗
.antMatchers("/*api/**").permitAll()
// swagger頁面需要添加登錄校驗
.antMatchers("/swagger-ui.html").authenticated()
.and()
.formLogin();
}
}