写的一个项目 ,政府机关网警,扫描的不安全,使用的技术是Springboot +shiro
一直能访问到这个界面
找了半天是因为我在shiroConfig里面放行了这个,导致一直能访问到
2. 增加druid监控的配置
1、POM.xml增加引入:
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid-spring-boot-starter</artifactId>
<version>1.1.10</version>
</dependency>
2、Application.properties增加配置:
spring.datasource.filters: stat
3、添加配置类DruidConfig:
@Configuration
public class DruidConfig {
//将所有前缀为spring.datasource下的配置项都加载到DataSource中
@ConfigurationProperties(prefix = "spring.datasource")
@Bean
public DataSource dataSource() {
return new DruidDataSource();
}
@Bean
public static PropertySourcesPlaceholderConfigurer propertyConfigure(){
return new PropertySourcesPlaceholderConfigurer();
}
@Bean
public PlatformTransactionManager transactionManager() throws Exception {
DataSourceTransactionManager txManager = new DataSourceTransactionManager();
txManager.setDataSource(dataSource());
return txManager;
}
@Bean
public ServletRegistrationBean druidStatViewServlet() {
ServletRegistrationBean servletRegistrationBean = new ServletRegistrationBean(new StatViewServlet(),"/druid/*");
Map<String, String> initParams = new HashMap<>();
// 可配的属性都在 StatViewServlet 和其父类下
initParams.put("loginUsername", "admin-druid");
initParams.put("loginPassword", "111111");
servletRegistrationBean.setInitParameters(initParams);
return servletRegistrationBean;
}
@Bean
public FilterRegistrationBean druidWebStatFilter() {
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(new WebStatFilter());
Map<String, String> initParams = new HashMap<>();
initParams.put("exclusions", "*.js,*.css,/druid/*");
filterRegistrationBean.setInitParameters(initParams);
filterRegistrationBean.setUrlPatterns(Arrays.asList("/*"));
return filterRegistrationBean;
}
}
4、在浏览器中访问:http://localhost:8080/druid/login.html,即可打开下面的页面,登录账号:admin-druid:111111(这个账号密码是可以在DruidConfig.druidStatViewServlet方法中修改的)即可打开监控页面;