绿满筐商城java服务
blame | 历史 | 原始文档
xiangpei
5 天以前 ab76e72f7558895a53982649d415eb6ad350db7c 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56

package cn.lili.admin;


 


import de.codecentric.boot.admin.server.config.AdminServerProperties;


import de.codecentric.boot.admin.server.config.EnableAdminServer;


import org.springframework.boot.SpringApplication;


import org.springframework.boot.autoconfigure.EnableAutoConfiguration;


import org.springframework.context.annotation.Configuration;


import org.springframework.security.config.Customizer;


import org.springframework.security.config.annotation.web.builders.HttpSecurity;


import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;


 


import java.util.UUID;


 


/**


 * Admin


 *


 * @author Chopper


 * @since 2020/11/16 10:03 下午


 */


@Configuration


@EnableAutoConfiguration


@EnableAdminServer


public class AdminApplication {


 


    public static void main(String[] args) {


        SpringApplication.run(AdminApplication.class, args);


    }


 


    @Configuration


    public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {


 


        private final AdminServerProperties adminServer;


 


        public SecuritySecureConfig(AdminServerProperties adminServer) {


            this.adminServer = adminServer;


        }


 


        @Override


        protected void configure(HttpSecurity http) throws Exception {


            SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();


            successHandler.setTargetUrlParameter("redirectTo");


            successHandler.setDefaultTargetUrl(this.adminServer.path("/"));


            http.authorizeRequests().antMatchers("/instances**").permitAll();


            http.authorizeRequests(


                    (authorizeRequests) -> authorizeRequests.antMatchers(this.adminServer.path("/assets/**")).permitAll() //授予公众对所有静态资产和登录页面的访问权限。


                            .antMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated() //其他所有请求都必须经过验证。


            ).formLogin(


                    (formLogin) -> formLogin.loginPage(this.adminServer.path("/login")).successHandler(successHandler).and() //配置登录和注销。


            ).logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout"))).httpBasic(Customizer.withDefaults()) //启用HTTP基本支持。这是Spring Boot Admin Client注册所必需的。


                    .csrf().disable()


                    .rememberMe((rememberMe) -> rememberMe.key(UUID.randomUUID().toString()).tokenValiditySeconds(1209600));


        }


 


    }


}