效果展示

客户端

maven引用

        <parent>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-parent</artifactId>
            <version>2.0.0.RELEASE</version>
        </parent>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-actuator</artifactId>
        </dependency>
        <dependency>
            <groupId>de.codecentric</groupId>
            <artifactId>spring-boot-admin-starter-client</artifactId>
            <version>2.0.0</version>
        </dependency>	

配置文件

management:
  endpoints:
    web:
      exposure:
        include: '*'
  endpoint:
    health:
      show-details: always

安全保护

public class ActuatorAuthFilter implements Filter, Ordered {
    private AuthService authService = SpringBootBeanUtil.getBean(AuthService.class);

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        boolean authPass = false;
        HttpServletRequest req = (HttpServletRequest) request;
        String system = req.getHeader("system");
        String token = req.getHeader("token");
        if ( !StringUtil.isEmpty(system) && !StringUtil.isEmpty(token)) {
            if(system.equals("haopanwatch") && token.equals("7e447e5d38d323b847edf2b4895eb242")){
                authPass = true;
            }
        }
        if (authPass) {
            chain.doFilter(request, response);
        } else {
            Result result = Result.errorResult().setMsg("NoAuthAccess").setCode(SystemErrorCodeEnum.ErrorCode.TokenAuthError.get_value());
            response.getWriter().println(JSON.toJSON(result));
        }

    }

    @Override
    public void destroy() {

    }

    @Override
    public int getOrder() {
        return 11;
    }
}

管理端

maven引用

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.2.0.RELEASE</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>de.codecentric</groupId>
            <artifactId>spring-boot-admin-starter-server</artifactId>
            <version>2.2.0</version>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
            <exclusions>
                <exclusion>
                    <groupId>org.springframework.boot</groupId>
                    <artifactId>spring-boot-starter-tomcat</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-jetty</artifactId>
        </dependency>
    </dependencies>

配置文件

server.port=9550
spring.application.name=springboot-admin-server
#配置一个账号和密码
spring.security.user.name=admin
spring.security.user.password=abcd@1234

启动注解

@SpringBootApplication
@EnableAdminServer
public class HaopanWatchApplication {

    public static void main(String[] args) {
        SpringApplication.run(HaopanWatchApplication.class, args);
    }

    @Bean
    public ApplicationRunner applicationRunner() {
        return applicationArguments -> {
            System.out.println("haopanwatch启动成功！");
        };
    }
}

安全保护

@Configuration
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
    //项目应用路径
    private final String adminContextPath;

    public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
        this.adminContextPath = adminServerProperties.getContextPath();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setTargetUrlParameter("redirectTo");
        successHandler.setDefaultTargetUrl(adminContextPath + "/");

        http.authorizeRequests()
                //无需登录即可访问
                .antMatchers(adminContextPath + "/assets/**").permitAll()
                .antMatchers(adminContextPath + "/login").permitAll()
                .anyRequest().authenticated()
                .and()

                //登录和登出路径
                .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
                .logout().logoutUrl(adminContextPath + "/logout").and()

                //开启http basic支持，admin-client注册时需要使用
                .httpBasic().and()
                .csrf()

                //开启基于cookie的csrf保护
                .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
                //忽略这些路径的csrf保护以便admin-client注册
                .ignoringAntMatchers(
                        adminContextPath + "/instances",
                        adminContextPath + "/actuator/**"
                );
    }
}

客户端认证

@Component
public class HttpHeadersProviderConfig implements HttpHeadersProvider {

    @Override
    public HttpHeaders getHeaders(Instance instance) {
        HttpHeaders httpHeaders = new HttpHeaders();
        //设置约定好的请求头参数
        httpHeaders.add("token", "7e447e5d38d323b847edf2b4895eb242");
        httpHeaders.add("system", "haopanwatch");
        return httpHeaders;
    }
}