为Eureka Server添加Spring Security认证

使用版本 :Spring Boot:2.1.5 Spring Cloud:Greenwich
需要注意的两个地方!

  • Spring Cloud与Spring Boot版本号一致问题
  • Spring Security在高版本默认开启了csrf跨域请求伪造,后面我们会解决这个问题

[Spring Boot与Spring Cloud版本对应]https://spring.io/projects/spring-cloud

Eureka Server


<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0modelVersion>
    <parent>
        <groupId>org.springframework.bootgroupId>
        <artifactId>spring-boot-starter-parentartifactId>
        <version>2.1.5.RELEASEversion>
        <relativePath/> 
    parent>
    <groupId>com.dfyanggroupId>
    <artifactId>eureka-serverartifactId>
    <version>0.0.1-SNAPSHOTversion>
    <name>eureka-servername>
    <description>Demo project for Spring Bootdescription>

    <properties>
        <java.version>1.8java.version>
    properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.bootgroupId>
            <artifactId>spring-boot-starterartifactId>
        dependency>
        <dependency>
            <groupId>org.springframework.bootgroupId>
            <artifactId>spring-boot-starter-securityartifactId>
        dependency>
        <dependency>
            <groupId>org.springframework.bootgroupId>
            <artifactId>spring-boot-starter-testartifactId>
            <scope>testscope>
        dependency>
        <dependency>
            <groupId>org.springframework.cloudgroupId>
            <artifactId>spring-cloud-starter-netflix-eureka-serverartifactId>
        dependency>
    dependencies>
    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.cloudgroupId>
                <artifactId>spring-cloud-dependenciesartifactId>
                <version>Greenwich.RELEASEversion>
                <type>pomtype>
                <scope>importscope>
            dependency>
        dependencies>
    dependencyManagement>
    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.bootgroupId>
                <artifactId>spring-boot-maven-pluginartifactId>
            plugin>
        plugins>
    build>
project>

application.yml

server:
  port: 8761
spring:
  application:
    name: eureka-server
  security:
    user:
      name: user
      password: 1513101
eureka:
  client:
    #是否将自己注册到Eureka Server,由于当前应用为Eureka Service,故为false
    register-with-eureka: false
    #是否从Eureka Server获取注册信息,由于是单点,所以为false
    fetch-registry: false
    #与Eureka Server交互的地址
    service-url:
      defaultZone: http://localhost:8761/eureka/

启动类

package com.dfyang;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.eureka.server.EnableEurekaServer;

@SpringBootApplication
@EnableEurekaServer
public class EurekaServerApplication {

    public static void main(String[] args) {
        SpringApplication.run(EurekaServerApplication.class, args);
    }

}

由于在当前版本spring security自动开启了csrf,由于等会要创建的Eureka Client与Eureka Server端口不同产生了跨域问题,这里我们需要写一个配置类关闭csrf

package com.dfyang.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
    
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();     //关闭跨域
        http.authorizeRequests()   //认证请求
                .anyRequest()      //对任何请求
                .authenticated()   //都需要认证
                .and()
                .httpBasic();      //使用Spring Security提供的登录界面
    }
}

输入localhost:8761,然后输入上面定义的用户名和密码登录即可
为Eureka Server添加Spring Security认证_第1张图片

Eureka Client

pom.xml


<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0modelVersion>
    <parent>
        <groupId>org.springframework.bootgroupId>
        <artifactId>spring-boot-starter-parentartifactId>
        <version>2.1.5.RELEASEversion>
        <relativePath/> 
    parent>
    <groupId>com.dfyanggroupId>
    <artifactId>service-producerartifactId>
    <version>0.0.1-SNAPSHOTversion>
    <name>service-producername>
    <description>Demo project for Spring Bootdescription>

    <properties>
        <java.version>1.8java.version>
    properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.bootgroupId>
            <artifactId>spring-boot-starterartifactId>
        dependency>
        <dependency>
            <groupId>org.springframework.bootgroupId>
            <artifactId>spring-boot-starter-webartifactId>
        dependency>
        <dependency>
            <groupId>org.springframework.bootgroupId>
            <artifactId>spring-boot-starter-testartifactId>
            <scope>testscope>
        dependency>
        <dependency>
            <groupId>org.springframework.cloudgroupId>
            <artifactId>spring-cloud-starter-netflix-eureka-clientartifactId>
        dependency>

    dependencies>
    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.cloudgroupId>
                <artifactId>spring-cloud-dependenciesartifactId>
                <version>Greenwich.RELEASEversion>
                <type>pomtype>
                <scope>importscope>
            dependency>
        dependencies>
    dependencyManagement>
    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.bootgroupId>
                <artifactId>spring-boot-maven-pluginartifactId>
            plugin>
        plugins>
    build>
project>

application.yml

server:
  port: 8080
spring:
  application:
    name: service-producer1
eureka:
  client:
    service-url:
      defaultZone: http://user:1513101@localhost:8761/eureka/

启动类

package com.dfyang;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.eureka.EnableEurekaClient;

@SpringBootApplication
@EnableEurekaClient
public class ServiceProducerApplication {

    public static void main(String[] args) {
        SpringApplication.run(ServiceProducerApplication.class, args);
    }
}

启动项目,再次访问localhost:8761,服务注册成功
为Eureka Server添加Spring Security认证_第2张图片
如果Eureka Server未关闭csrf或者Eureka Client输入的连接用户名或者密码有误,将出现com.netflix.discovery.shared.transport.TransportException: Cannot execute request on any known server错误
为Eureka Server添加Spring Security认证_第3张图片
注意——
这里记录一个坑,之前学习一直使用的default-zone,没想到在用到Spring Security这里出现了问题,同样会出现上面这个问题,有兴趣的可以尝试一下,反正我反复试过多次,建议使用defaultZone而不要使用default-zone

你可能感兴趣的:(为Eureka Server添加Spring Security认证)