adminServer同时会被注册成client,添加security监控,同时注册到consul注册中心
依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-server</artifactId>
</dependency>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-consul-discovery</artifactId>
</dependency>
配置文件
server:
port: 10000
spring:
profiles:
active: dev
application:
name: admin-server
security:
user:
name: 登录用户名
password: 登录密码
boot:
admin:
discovery:
#忽略注册中心consul,否则一直报错
ignored-services: consul
ui:
title: 服务监控中心
client:
username: ${spring.security.user.name}
password: ${spring.security.user.password}
url: http://localhost:${server.port}
#暴露健康监测接口给admin
management:
endpoints:
web:
exposure:
include: '*'
endpoint:
health:
show-details: ALWAYS
- dev部分
spring:
cloud:
consul:
enabled: true
host: consul的ip
port: consul的端口
discovery:
acl-token: 开始了acl的token
logging:
file:
path:日志路径
#暴露应用信息
management:
endpoint:
#admin配置在线日志位置
logfile:
external-file: ${logging.file.path}/admin-server.log
日志配置
<?xml version="1.0" encoding="UTF-8"?>
<configuration scan="true" scanPeriod="10 seconds">
<contextName>logback</contextName>
<springProperty name="logging.path" scope="context" source="logging.file.path"/>
<springProperty name="logging.name" scope="context" source="spring.application.name"/>
<!-- 彩色日志 -->
<!-- 彩色日志依赖的渲染类 -->
<conversionRule conversionWord="clr"
converterClass="org.springframework.boot.logging.logback.ColorConverter"/>
<conversionRule conversionWord="wex"
converterClass="org.springframework.boot.logging.logback.WhitespaceThrowableProxyConverter"/>
<conversionRule conversionWord="wEx"
converterClass="org.springframework.boot.logging.logback.ExtendedWhitespaceThrowableProxyConverter"/>
<!-- 彩色日志格式 -->
<property name="CONSOLE_LOG_PATTERN"
value="${CONSOLE_LOG_PATTERN:-%clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}}"/>
<!-- 文件日志格式 -->
<property name="FILE_LOG_PATTERN"
value="${FILE_LOG_PATTERN:-%d{yyyy-MM-dd HH:mm:ss.SSS} ${LOG_LEVEL_PATTERN:-%5p} ${PID:- } [%X{TRACE_ID}] %logger{50} - %msg%n}"/>
<!--输出到控制台-->
<appender class="ch.qos.logback.core.ConsoleAppender" name="CONSOLE">
<!--此日志appender是为开发使用,只配置最底级别,控制台输出的日志级别是大于或等于此级别的日志信息-->
<filter class="ch.qos.logback.classic.filter.ThresholdFilter">
<level>info</level>
</filter>
<encoder>
<Pattern>${CONSOLE_LOG_PATTERN}</Pattern>
<charset>UTF-8</charset>
</encoder>
</appender>
<!-- 输出到文件日志 -->
<!-- 总日志文件 -->
<appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
<!--日志名称以及路径-->
<file>${logging.path}/${logging.name}.log</file>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<!-- 日志归档路径 -->
<fileNamePattern>${logging.path}/${logging.name}-%d{yyyy-MM-dd}.log</fileNamePattern>
<!-- 日志保存时间 -->
<MaxHistory>7</MaxHistory>
</rollingPolicy>
<encoder>
<Pattern>${FILE_LOG_PATTERN}</Pattern>
<charset>UTF-8</charset>
</encoder>
</appender>
<!-- 时间滚动输出 level为 ERROR 日志 -->
<appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="ERROR_FILE">
<file>${logging.path}/${logging.name}-error.log</file>
<!-- 日志记录器的滚动策略,按日期,按大小记录 -->
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>${logging.path}/${logging.name}-error-%d{yyyy-MM-dd-HH}.log</fileNamePattern>
<maxHistory>7</maxHistory>
</rollingPolicy>
<!-- 此日志文件只记录ERROR级别的 -->
<filter class="ch.qos.logback.classic.filter.LevelFilter">
<level>ERROR</level>
<onMatch>ACCEPT</onMatch>
<onMismatch>DENY</onMismatch>
</filter>
<!--日志文件输出格式-->
<encoder>
<Pattern>${FILE_LOG_PATTERN}</Pattern>
<charset>UTF-8</charset>
</encoder>
</appender>
<!-- 本地环境-->
<springProfile name="dev">
<root level="info">
<appender-ref ref="FILE"/>
<appender-ref ref="ERROR_FILE"/>
<appender-ref ref="CONSOLE"/>
</root>
</springProfile>
<springProfile name="test">
<root level="info">
<appender-ref ref="FILE"/>
<appender-ref ref="ERROR_FILE"/>
</root>
</springProfile>
</configuration>
添加注解
@EnableAdminServer
@EnableDiscoveryClient
security的配置
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private AdminServerProperties adminServerProperties;
@Override
protected void configure(HttpSecurity http) throws Exception {
String path = adminServerProperties.getContextPath();
SavedRequestAwareAuthenticationSuccessHandler successHandler =
new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
http.authorizeRequests()
//静态资源和login以及健康检查
.antMatchers(path + "/assets/**").permitAll()
.antMatchers(path + "/login").permitAll()
.antMatchers("/actuator/**").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage(path + "/login")
.successHandler(successHandler)
.and().logout().logoutUrl(path + "/logout")
.and().httpBasic().and().csrf().disable();
}
}
