springboot-admin2.1.1+security
使用springboot-admin对项目进行健康监控等的操作,分两部分,server和client,server端监控client端,client端就是你的项目,文章最后会提到两个存在的bug。简单的代码就不注释了。
官方文档:
server端:
pom:
<!-- admin server端 -->
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-server</artifactId>
<version>2.1.1</version>
</dependency>
<!-- 加入security -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
springboot入口类:
@Configuration
@EnableAutoConfiguration
@EnableAdminServer
public class AdminServerApplication {
public static void main(String[] args) {
SpringApplication.run(AdminServerApplication.class, args);
}
@Configuration
public static class SecuritySecureConfig extends WebSecurityConfigurerAdapter{
private final String adminContextPath;
public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
this.adminContextPath = adminServerProperties.getContextPath();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(adminContextPath + "/");
http.authorizeRequests()
.antMatchers(adminContextPath + "/assets/**").permitAll()//Grants public access to all static assets and the login page.
.antMatchers(adminContextPath + "/login").permitAll()
.anyRequest().authenticated()// Every other request must be authenticated.
.and()
.formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()//Configures login and logout.
.logout().logoutUrl(adminContextPath + "/logout").and()
.httpBasic().and()//Enables HTTP-Basic support. This is needed for the Spring Boot Admin Client to register.
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())// Enables CSRF-Protection using Cookies
.ignoringAntMatchers(
adminContextPath + "/instances",// Disables CRSF-Protection the endpoint the Spring Boot Admin Client uses to register.
adminContextPath + "/actuator/**"//Disables CRSF-Protection for the actuator endpoints.
);
}
}
}
application.yml:
spring:
application:
name: spring-boot-admin
server:
port: 8190
---
spring:
security:
user:
name: "admin"
password: "lvyabin"
server启动
接下来就可以直接启动了,访问ip/8190就会跳转到登录页面,输入账号密码 admin/lvyabin就可以看到原谅色的admin了,但是此时还没有客户端被监控,下面再来配置client端
client端:
pom
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-client</artifactId>
<version>2.1.1</version>
</dependency>
application.yml
---
spring:
boot:
admin:
client:
url: http://ip:8190 #server端地址
username: admin #对应server端的账号密码,不配置就监控不到这个client。
password: lvyabin
instance:
service-base-url: http://ip:8188 #client地址,
#不配置的情况下,在打包的时候会有提示。不影响运行。
application:
name: "education online"
management:
endpoints:
web:
exposure:
include: "*" #监控所有端点,其中health和status是必须监控的
exclude: configprops #对配置信息的监控,每次浏览这个节点的时候,
#数据库的链接就一直释放不掉,最后导致超时,因为配置信息的监控也不重要,
#就不再监控这个节点,以下为可监控的endpoint。可以根据需要有选择的进行监控。
#- health,status,env,metrics,dump,jolokia,info,
#configprops,trace,logfile,refresh,flyway,
#liquibase,heapdump,loggers,auditevents,hystrix.stream,activiti
# info信息会显示到SBA的server端,这里取的是maven中的数据
info:
version: @[email protected]
groupId: @[email protected]
artifactId: @[email protected]
运行
client端也运行起来后就可以在server端看到client端的信息了
截图
client启动后的提示
有一个client被监控中
详细信息
注意:
文章开头说目前版本有两个bug
1,文章中说的排除了configprops节点,尝试了很多方法,只要选择查看配置信息,数据库的链接就会因为释放不掉,然后超时,不知道是bug还是配置原因。间接解决。排除掉此监控节点 :)
2,就是每次给server发送一次请求就会报一个错,如果使用的是springboot内置的tomcat,异常为
java.lang.IllegalStateException: Calling [asyncError()] is not valid for a request with Async state [MUST_DISPATCH]
如果使用的外部的tomcat,会提示
java.io.IOException: 您的主机中的软件中止了一个已建立的连接。
这个bug目前没有办法解决,不影响项目运行。