- Spring Boot Actuator
- EndPoints:监控应用的入口,Spring Boot内置了很多端点,也支持自定义端点。
- 监控方式:HTTP或JMX。
- 访问路径:例如"actuator/health"。
- 注意事项:按需配置暴露的端点,并对所有端点进行权限控制。
1.引入依赖:
<!-- Spring Boot Actuator starter: brings in the monitoring endpoints served under /actuator.
     No <version> element is given here; presumably the version is managed by the Spring Boot
     parent or BOM of the project (confirm against the full pom.xml). -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
2.配置可以访问的端点
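# actuator
management:
  endpoints:
    web:
      exposure:
        # Expose over HTTP only the endpoints this walkthrough uses: the built-in health
        # check and the custom "database" endpoint. A wildcard include ('*') would also
        # publish endpoints such as env, heapdump, threaddump and beans, which can reveal
        # configuration values and memory contents to anyone who reaches them.
        # Add further ids here one at a time, and keep the whole /actuator path behind
        # an administrator-only access rule.
        include: health,database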
3.访问:http://localhost:8080/community/actuator/health
4.自定义端点 以数据库连接为例
import com.nowcoder.community.util.CommunityUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.actuate.endpoint.annotation.Endpoint;
import org.springframework.boot.actuate.endpoint.annotation.ReadOperation;
import org.springframework.stereotype.Component;
import javax.sql.DataSource;
import java.sql.Connection;
import java.sql.SQLException;
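/**
 * Custom Actuator endpoint, published under the id {@code database}, that reports whether a
 * JDBC connection can be obtained from the application's {@link DataSource}.
 *
 * <p>The caller only ever receives one of two fixed messages. The exception itself is written
 * to the application log and is not returned in the response, so driver or host details carried
 * by the {@link SQLException} stay on the server side.
 */
@Component
@Endpoint(id = "database")
public class DataBaseEndpoint {

    private static final Logger logger = LoggerFactory.getLogger(DataBaseEndpoint.class);

    // Injected by Spring; the qualifier selects the bean named "dataSource".
    @Qualifier("dataSource")
    @Autowired
    private DataSource dataSource;

    /**
     * Tries to obtain a connection from the data source and reports the outcome.
     *
     * <p>{@code @ReadOperation} exposes this method as the GET operation of the endpoint.
     *
     * @return the string built by {@code CommunityUtil.getJSONString}: code 0 with a success
     *     message when a connection was obtained, code 1 with a failure message otherwise
     */
    @ReadOperation
    public String checkConnection() {
        // try-with-resources closes the connection automatically when the block exits,
        // so the probe never holds a connection beyond this call.
        try (Connection connection = dataSource.getConnection()) {
            return CommunityUtil.getJSONString(0, "获取连接成功!");
        } catch (SQLException e) {
            // Pass the exception as the last argument so the stack trace is logged as well;
            // the response below deliberately stays generic.
            logger.error("获取连接失败:{}", e.getMessage(), e);
            return CommunityUtil.getJSONString(1, "获取连接失败!");
        }
    }
}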
5.进行权限配置,只有管理员能访问。SecurityConfig
import com.nowcoder.community.util.CommunityConstant;
import com.nowcoder.community.util.CommunityUtil;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
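/**
 * Spring Security configuration for the application: declares which paths require which
 * authority, how unauthenticated and unauthorized requests are answered, and which URL
 * Spring Security treats as its own logout URL.
 *
 * <p>The {@code /actuator/**} rule below is the access control for the monitoring endpoints;
 * without it they would fall through to {@code anyRequest().permitAll()}.
 */
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter implements CommunityConstant {

    /** Leaves static resources under {@code /resources/**} outside the security filter chain. */
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/resources/**");
    }

    /**
     * Configures authorization rules, the handlers for rejected requests, and the logout URL.
     *
     * @param http the security builder supplied by Spring Security
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Authorization.
        // mvcMatchers is used instead of antMatchers: an Ant pattern compares the literal path
        // only, while Spring MVC may route variants of a path (for example with a trailing
        // slash) to the same handler. Because the fallback below is permitAll, any variant the
        // rule misses would be served without an authority check. mvcMatchers applies the same
        // matching rules as Spring MVC, so the rule and the handler mapping stay in agreement.
        http.authorizeRequests()
                .mvcMatchers(
                        "/comment/add/**",
                        "/discuss/add",
                        "/follow",
                        "/unfollow",
                        "/like",
                        "/letter/**",
                        "/notice/**",
                        "/setting",
                        "/upload",
                        "/updatePassword"
                )
                .hasAnyAuthority(
                        AUTHORITY_USER, AUTHORITY_ADMIN, AUTHORITY_MODERATOR
                )
                .mvcMatchers(
                        "/discuss/top", "/discuss/wonderful"
                )
                .hasAnyAuthority(AUTHORITY_MODERATOR)
                // Administrator-only: post deletion, site statistics and all Actuator endpoints.
                // NOTE(review): the pattern covers the default /actuator base path only; if
                // management.endpoints.web.base-path or management.server.port is changed,
                // this rule has to be updated with it.
                .mvcMatchers("/discuss/delete", "/data/**", "/actuator/**")
                .hasAnyAuthority(AUTHORITY_ADMIN)
                // Fail-open default: every path not listed above is public, so each new
                // protected route must be added to a rule explicitly.
                .anyRequest().permitAll()
                // NOTE(review): CSRF protection is switched off while the rules above guard
                // state-changing routes (posting, following, password update). If the login
                // state is carried in a cookie, these routes accept cross-site requests;
                // re-enabling CSRF requires the forms and AJAX calls to send the token, which
                // cannot be verified from this class alone.
                .and().csrf().disable();

        // Responses for requests that are rejected by the rules above.
        http.exceptionHandling()
                // Not logged in.
                .authenticationEntryPoint((request, response, e) ->
                        rejectRequest(request, response, "您还没有登录!", "/login"))
                // Logged in, but lacking the required authority.
                .accessDeniedHandler((request, response, e) ->
                        rejectRequest(request, response, "您没有访问此功能的权限!", "/denied"));

        // Spring Security intercepts /logout by default and runs its own logout handling.
        // Pointing it at a different URL lets the application's own logout code run on /logout.
        http.logout().logoutUrl("/securitylogout");
    }

    /**
     * Answers a rejected request: AJAX callers receive a JSON string with code 403 and the
     * given message, all other callers are redirected to the given page.
     *
     * @param request the rejected request
     * @param response the response to write to
     * @param message the message placed in the JSON body for AJAX callers
     * @param redirectPath the path, relative to the context path, for non-AJAX callers
     * @throws IOException if writing the body or sending the redirect fails
     */
    private static void rejectRequest(HttpServletRequest request, HttpServletResponse response,
            String message, String redirectPath) throws IOException {
        String xRequestedWith = request.getHeader("x-requested-with");
        if ("XMLHttpRequest".equals(xRequestedWith)) {
            // NOTE(review): the body is JSON but is sent with a non-standard text media type;
            // presumably the front end parses the string itself. Confirm before changing it.
            response.setContentType("application/plain;charset=utf-8");
            PrintWriter writer = response.getWriter();
            writer.write(CommunityUtil.getJSONString(403, message));
        } else {
            response.sendRedirect(request.getContextPath() + redirectPath);
        }
    }
}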