简介
注册中心界面添加用户名密码才能访问
服务端
引入spring-security
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
配置中加入security的配置
spring:
application:
name: center-server
profiles:
active: dev
security:
user:
name: admin
password: nmamtf
这里是spring-boot2的方式,如果是老版本,配置方式不同
允许/eureka/**开头的连接不受权限控制
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().ignoringAntMatchers("/eureka/**");
super.configure(http);
}
}
客户端
同样需要引入spring-security
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
配置中加入security的配置
spring:
application:
name: center-server
profiles:
active: dev
security:
user:
name: admin
password: nmamtf
另外,配置注册中心服务器的地址的时候需要加上用户名密码
eureka:
client:
serviceUrl:
defaultZone: http://admin:[email protected]:1111/manage/serverCenter/eureka/
配置普通接口不受权限控制
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
//普通的接口不需要校验
.antMatchers("/*api/**").permitAll()
// swagger页面需要添加登录校验
.antMatchers("/swagger-ui.html").authenticated()
.and()
.formLogin();
}
}