一、概述
Eureka本身不具備安全認證的能力,Spring Cloud使用Spring Security爲Eureka Server進行了增強。
1.1 加依賴
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<!--<parent>
<artifactId>cloud-study</artifactId>
<groupId>com.qhr.cloud</groupId>
<version>1.0-SNAPSHOT</version>
</parent>-->
<groupId>com.qhr.cloud</groupId>
<version>1.0-SNAPSHOT</version>
<modelVersion>4.0.0</modelVersion>
<artifactId>microservice-discovery-eureka-authenticating</artifactId>
<packaging>jar</packaging>
<!-- 引入spring boot的依賴 -->
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.0.4.RELEASE</version>
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-server</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
</dependencies>
<!-- 引入spring cloud的依賴 -->
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>Finchley.SR1</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<!-- 添加spring-boot的maven插件 -->
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
1.2 添加WebSecurityConfig類用於限制Spring Security的部分CSRF保護功能,否則應用無法正常註冊!
package com.qhr.cloud.study;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
/**
* @Author : qhr
* @Description :pring Cloud Finchley及更高版本,必須添加如下代碼,部分關閉掉Spring Security
* 的CSRF保護功能,否則應用無法正常註冊!
* @Date : Created in 18:35 2020/7/6
* @Modified By :
*/
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().ignoringAntMatchers("/eureka/**");
super.configure(http);
}
}
1.3 修改配置文件application.yml
server:
port: 8761
eureka:
client:
# 是否要註冊到其他Eureka Server實例
register-with-eureka: false
# 是否要從其他Eureka Server實例獲取數據
fetch-registry: false
service-url:
defaultZone: http://user:password123@localhost:8761/eureka/
spring:
security:
user:
name: user # 配置登錄的賬號是user
password: password123 # 配置登錄的密碼是password123
1.4 添加啓動類
package com.qhr.cloud.study;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.eureka.server.EnableEurekaServer;
/**
* @Author : qhr
* @Description :
* @Date : Created in 18:34 2020/7/6
* @Modified By :
*/
@SpringBootApplication
@EnableEurekaServer
public class EurekaApplication {
public static void main(String[] args) {
SpringApplication.run(EurekaApplication.class, args);
}
}
1.5 項目目錄結構
二、Eureka Client 客戶端配置
在microservice-provider-user微服務中,修改配置文件application.yml
eureka:
client:
service-url:
# 指定eureka server通信地址,注意/eureka/小尾巴不能少
defaultZone: http://user:password123@localhost:8761/eureka/
三、服務啓動
3.1 訪問:http://localhost:8761/
輸入用戶:user,密碼:password123,就可正常訪問Eureka Server首頁。
3.2 啓動微服務microservice-provider-user
可以發現微服務microservice-provider-user已經註冊到Eureka的服務器上了。