| 提交 | 用户 | 时间 | ||
| e7c126 | 1 | package com.iailab.monitor.config; |
| H | 2 | |
| 3 | import de.codecentric.boot.admin.server.config.AdminServerProperties; | |
| 4 | import org.springframework.context.annotation.Bean; | |
| 5 | import org.springframework.context.annotation.Configuration; | |
| 6 | import org.springframework.security.config.Customizer; | |
| 7 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; | |
| 8 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; | |
| 9 | import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; | |
| 10 | import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer; | |
| 11 | import org.springframework.security.web.SecurityFilterChain; | |
| 12 | import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; | |
| 13 | import org.springframework.security.web.util.matcher.AntPathRequestMatcher; | |
| 14 | ||
| 15 | /** | |
| 16 | * admin 监控 安全配置 | |
| 17 | * | |
| 18 | * @author Lion Li | |
| 19 | */ | |
| 20 | @EnableWebSecurity | |
| 21 | @Configuration | |
| 22 | public class WebSecurityConfigurer { | |
| 23 | ||
| 24 | private final String adminContextPath; | |
| 25 | ||
| 26 | public WebSecurityConfigurer(AdminServerProperties adminServerProperties) { | |
| 27 | this.adminContextPath = adminServerProperties.getContextPath(); | |
| 28 | } | |
| 29 | ||
| 30 | @Bean | |
| 31 | public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception { | |
| 32 | SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); | |
| 33 | successHandler.setTargetUrlParameter("redirectTo"); | |
| 34 | successHandler.setDefaultTargetUrl(adminContextPath + "/"); | |
| 35 | ||
| 36 | return httpSecurity | |
| 37 | .headers((header) -> | |
| 38 | header.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable)) | |
| 39 | .authorizeHttpRequests((authorize) -> | |
| 40 | authorize.requestMatchers( | |
| 41 | new AntPathRequestMatcher(adminContextPath + "/assets/**"), | |
| 42 | new AntPathRequestMatcher(adminContextPath + "/login"), | |
| 43 | new AntPathRequestMatcher("/actuator"), | |
| 44 | new AntPathRequestMatcher("/actuator/**") | |
| 45 | ).permitAll() | |
| 46 | .anyRequest().authenticated()) | |
| 47 | .formLogin((formLogin) -> | |
| 48 | formLogin.loginPage(adminContextPath + "/login").successHandler(successHandler)) | |
| 49 | .logout((logout) -> | |
| 50 | logout.logoutUrl(adminContextPath + "/logout")) | |
| 51 | .httpBasic(Customizer.withDefaults()) | |
| 52 | .csrf(AbstractHttpConfigurer::disable) | |
| 53 | .build(); | |
| 54 | } | |
| 55 | ||
| 56 | } | |
