服务端搭建
创建springboot server项目
引进jar包
<!-- springboot admin server -->
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-server</artifactId>
<version>2.2.1</version>
</dependency>
<!-- springboot admin server安全登录控制 -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<version>2.2.1.RELEASE</version>
</dependency>
新增配置项
server.port=9527
spring.application.name=spring-boot-examples-admin-server
spring.security.user.name=admin
spring.security.user.password=123456
新增安全控制配置类,注意注解@Configuration
@Configuration
public class SecuritySecureServerConfig extends WebSecurityConfigurerAdapter {
private final String adminContextPath;
public SecuritySecureServerConfig(AdminServerProperties adminServerProperties) {
this.adminContextPath = adminServerProperties.getContextPath();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// 登录成功处理类
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(adminContextPath + "/");
http.authorizeRequests()
//静态文件允许访问
.antMatchers(adminContextPath + "/assets/**").permitAll()
//登录页面允许访问
.antMatchers(adminContextPath + "/login").permitAll()
//其他所有请求需要登录
.anyRequest().authenticated()
.and()
//登录页面配置,用于替换security默认页面
.formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
//登出页面配置,用于替换security默认页面
.logout().logoutUrl(adminContextPath + "/logout").and()
.httpBasic().and()
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringAntMatchers(
"/instances",
"/actuator/**"
);
}
}
启动类新加注解@EnableAdminServer
@SpringBootApplication
@EnableAdminServer
public class ServerApplication {
public static void main(String[] args) {
SpringApplication.run(ServerApplication.class, args);
}
}
至此服务端搭建完成,浏览器输入http://localhost:9527/,输入用户名admin,密码123456
客户端搭建
引入jar包
<!-- spring-boot-admin-client -->
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-client</artifactId>
<version>2.2.1</version>
</dependency>
<!-- spring-boot-admin-client 中加入 actuator, 将 spring-boot-admin-client 的端点数据暴露出来 -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
<version>2.2.1.RELEASE</version>
</dependency>
<!-- springboot admin server安全登录控制 -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<version>2.2.1.RELEASE</version>
</dependency>
新增配置项
server.port=8080
#springboot admin client
spring.boot.admin.client.url=http://localhost:9527
#暴露所有的 actuator 端点信息重启
management.endpoints.web.exposure.include=*
spring.application.name=spring-boot-examples-admin-client
spring.boot.admin.client.username=admin
spring.boot.admin.client.password=123456
spring.boot.admin.client.instance.metadata.user.name=${spring.security.user.name}
spring.boot.admin.client.instance.metadata.user.password=${spring.boot.admin.client.password}
spring.security.user.name=client
spring.security.user.password=123456
spring.security.user.roles=ACTUATOR_ADMIN
新增安全控制配置类,注意注解@Configuration
@Configuration
public class SecuritySecureClientConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
//拦截所有endpoint,拥有ACTUATOR_ADMIN角色可访问,否则需登录
.requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("ACTUATOR_ADMIN")
//静态文件允许访问
.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
//根路径允许访问
.antMatchers("/").permitAll()
//所有请求路径可以访问
.antMatchers("/**").permitAll()
.and().httpBasic();
}
}
启动客户端,刷新界面如下
点击admin client,显示监控明细
参考文章
Spring Boot Admin的介绍及使用
SpringBoot入坑指南之四:使用Spring Boot Admin进行服务监控