SpringBoot Admin的简要配置

SpringBoot Admin是目前流行的开源监控组件，用以监控springboot应用程序。该组件由两部分组成，分别是客户端和服务端。服务端类似于注册中心，提供了AdminUI页面，页面上展示了客户端的endpoint信息；客户端需暴露endpoint并注册至服务端。springboot admin参考手册

endpoint是Spring Actuator的特性。Spring Actuator是Spring官方的一个组件，提供了SpringBoot应用程序的一系列API，用以获取相关的信息，包括JVM、Beans等信息。spring actuator参考手册，spring actuator API文档。

SpringBoot Admin的结构如下图所示。

一、配置Springboot Admin服务端

1、引入maven依赖

<dependency>
  <groupId>de.codecentric</groupId>
  <artifactId>spring-boot-admin-starter-server</artifactId>
  <version>2.1.5</version>
</dependency>
<dependency>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-starter-web</artifactId>
</dependency>

2、配置application.yml

server:
	port: 8769
spring:
	application:
		name: admin-server
# springboot admin ui登录的用户名和密码，由spring security管理；同时，客户端也必须提供该用户名和密码，否则无法注册
security:
	user:
		name: hello
		password: 123456

3、重写Spring Security WebSecurityConfigurerAdapter中的configure方法，设置需要跳过验证的路径。这样配置之后，spring security就不会拦截AdminUI的登录和登出请求。

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter{
	private final String adminContextPath;
	
	public SecurityConfig(AdminServerProperties adminServerProperties) {
		this.adminContextPath = adminServerProperties.getContextPath();
	}

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
		successHandler.setTargetUrlParameter("redirectTo");
		successHandler.setDefaultTargetUrl(adminContextPath + "/");
		http.authorizeRequests().antMatchers(adminContextPath + "/assets/**").permitAll()//Grants public access to all static assets and the login page.
		.antMatchers(adminContextPath + "/login").permitAll()
		.anyRequest().authenticated()// Every other request must be authenticated.
		.and()
		.formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()//Configures login and logout.
		.logout().logoutUrl(adminContextPath + "/logout").and()
		.httpBasic().and()//Enables HTTP-Basic support. This is needed for the Spring Boot Admin Client to register.
		.csrf()
		.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())//Enables CSRF-Protection using Cookies
		.ignoringAntMatchers(
		adminContextPath + "/instances", //Disables CRSF-Protection the endpoint the Spring Boot Admin Client uses to register.
		adminContextPath + "/actuator/**"//Disables CRSF-Protection for the actuator endpoints.
		);
	
	}
}

二、配置Springboot Admin客户端

1、引入maven依赖

<dependency>
  <groupId>de.codecentric</groupId>
  <artifactId>spring-boot-admin-starter-client</artifactId>
  <version>2.1.0</version>
</dependency>

<dependency>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-starter-web</artifactId>
</dependency>

2、配置application.yml

spring:
  application:
    name: admin-client
  boot:
    admin:
      client:
        url: http://localhost:8769
server:
  port: 8768

management:
  endpoints:
    web:
      exposure:
        include: '*'
  endpoint:
    health:
      show-details: ALWAYS

原文地址：SpringBoot Admin