版本信息:
springboot version:1.5.21
springboot admin version:1.5.7
spring cloud security version:1.4.5
<!-- 登录模块 -->
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-server-ui-login</artifactId>
<version>1.5.7</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<version>1.4.5.RELEASE</version>
</dependency>
application.properties
security.basic.enabled=false
management.security.enabled=false
spring.boot.admin.username=admin
spring.boot.admin.password=123456
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, proxyTargetClass = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(WebSecurity web) {
//忽略css.jq.img等文件
web.ignoring().antMatchers("/**.html", "/**.css", "/img/**", "/**.js");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests()
.antMatchers("/**/heapdump",
"/**/loggers",
"/**/liquibase",
"/**/logfile",
"/**/flyway",
"/**/auditevents",
"/**/jolokia").permitAll()
.and()
.authorizeRequests()
.antMatchers("/**").hasRole("USER")
.antMatchers("/**").authenticated()
.and()
.formLogin()
.loginPage("/login.html")
.loginProcessingUrl("/login").permitAll()
.defaultSuccessUrl("/")
.and()
.logout()
.deleteCookies("remove")
.logoutSuccessUrl("/login.html").permitAll()
.and()
.httpBasic();
}
}
client需要配置对应的用户名和密码:
##配置权限验证的密码
spring.boot.admin.username=admin
spring.boot.admin.password=123456