1. pom.xml 加入依赖

	
		
		
            org.springframework.boot
            spring-boot-starter-security
        

2. application.properties 配置如下 用户名和密码

#开启安全认证 用户名和密码
spring.security.basic.enabled=true
spring.security.user.name=fh_admin
spring.security.user.password=root

3. 加入配置类 WebSecurityConfig.java

package org.fh.config;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;

/**
 * 说明:CSRF保护禁用
 * 作者:F-H Admin
 * 官网:www.1b23.com
 */
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
	
    @Override
    protected void configure(HttpSecurity http) throws Exception {
    	
    	SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
		successHandler.setTargetUrlParameter("redirectTo");

		http.headers().frameOptions().disable();
    	
    	http.csrf().disable().authorizeRequests().antMatchers("/actuator/**").permitAll().anyRequest().authenticated().and().httpBasic();
    }
}