Eureka Server 增加安全用户认证

阅读更多

环境:spring cloud Finchley.RC2,spring boot 2.0.2.RELEASE,eureka 1.9.0

 

1. pom 文件中引入依赖

     添加spring-security支持: 

 
     org.springframework.boot 
     spring-boot-starter-security 
 

 

2. application.yml 文件增加管理的用户名密码配置

 

   2.1 增加 spring.security 配置

spring:
  security:
    basic:
      enabled: true
    user:
      name: admin
      password: admin123456

 

   2.2 eureka.client.serviceUrl.defaultZone 修改,增加账号密码

http://${spring.security.user.name}:${spring.security.user.password}@${eureka.instance.hostname}:${server.port}/eureka/

    

   2.3 修改后Eureka Server 的完整的 application.yml 为:

server:
  port: 8082

spring:
  security:
    basic:
      enabled: true
    user:
      name: admin
      password: admin123456

eureka:
  instance:
    hostname: localhost
  client:
    registerWithEureka: false
    fetchRegistry: false
    serviceUrl:
      defaultZone: http://${spring.security.user.name}:${spring.security.user.password}@${eureka.instance.hostname}:${server.port}/eureka/

 

3. Eureka Server端关闭security的csrf检验

    新版的security默认启用了csrf检验,如果不关闭该检验,eureka client端向eureka server注册时,会报如下异常:com.netflix.discovery.shared.transport.TransportException: Cannot execute request on any known server,由于还没研究在启用csrf检验的情况下,eureka client注册服务时如何避免该异常,考虑先关闭csrf检验:

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@EnableWebSecurity
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        super.configure(http);
    }
}

 

4.eureka client端eureka.client.serviceUrl.defaultZone 修改,增加账号密码

http://${security.username}:${security.password}@localhost:8082/eureka/

    增加配置: 

    security.username=admin   

    security.password=admin123456   

你可能感兴趣的:(spring,cloud,eureka,server,security)