Spring Boot 1.3.0 中,使用 Java Config 配置 Druid
MySqlRepositoryConfig.java
@Profile("mysql")
@Configuration
@EnableConfigurationProperties
public class MySqlRepositoryConfig implements RepositoryConfig {
@Bean(initMethod = "init", destroyMethod = "close")
@ConfigurationProperties(prefix="datasource.druid")
@Override
public DataSource dataSource() {
return new DruidDataSource();
}
@Value("${datasource.druid.allow}")
private String druidAllowUrl;
@Value("${datasource.druid.deny}")
private String druidDenyUrl;
@Bean
public ServletRegistrationBean statViewServlet() {
ServletRegistrationBean reg = new ServletRegistrationBean();
reg.setServlet(new StatViewServlet());
reg.addUrlMappings("/druid/*");
reg.addInitParameter("allow", druidAllowUrl);
reg.addInitParameter("deny", druidDenyUrl);
return reg;
}
@Bean
@Override
public PlatformTransactionManager transactionManager() {
return new DataSourceTransactionManager(dataSource());
}
}
application.properties
###################
# Druid 连接池 #
###################
# 基本属性 url、user、password
datasource.druid.url=jdbc:mysql://localhost:3306/test
datasource.druid.username=root
datasource.druid.password=root
# 配置初始化大小、最小、最大
datasource.druid.initialSize=1
datasource.druid.minIdle=1
datasource.druid.maxActive=20
# 配置获取连接等待超时的时间,单位是毫秒
datasource.druid.maxWait=5000
# 配置间隔多久才进行一次检测,检测需要关闭的空闲连接,单位是毫秒
datasource.druid.timeBetweenEvictionRunsMillis=60000
# 配置一个连接在池中最小生存的时间,单位是毫秒
datasource.druid.minEvictableIdleTimeMillis=300000
datasource.druid.validationQuery=SELECT 'x'
datasource.druid.testWhileIdle=true
datasource.druid.testOnBorrow=false
datasource.druid.testOnReturn=false
# 如果用Oracle,则把poolPreparedStatements配置为true,mysql可以配置为false。分库分表较多的数据库,建议配置为false。
datasource.druid.poolPreparedStatements=false
datasource.druid.maxPoolPreparedStatementPerConnectionSize=20
# 配置监控统计拦截的filters
datasource.druid.filters=wall,stat
datasource.druid.allow=192.168.1.1/24
datasource.druid.deny=192.168.200.1/24
目前的解决方式
SecurityConfiguration.java
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic()
.and()
.csrf()
// /druid/basic.json 请求不做 CSRF 控制
.ignoringAntMatchers("/druid/**")
.and()
.headers()
// 关闭 X-Content-Type-Options:nosniff ,使 Druid 页面可以正常显示
.contentTypeOptions().disable()
.and();
}
}
4条答案
按热度按时间1tuwyuhd1#
StatViewServlet 没有给 html 文件设置 Content-Type,不改代码的话,只能加一个 Filter 去给 /druid/**.html 补上 Content-Type 了
13z8s7eq2#
我也是正遇到这种问题
j2cgzkjk3#
vnjpjtjt4#
http pattern="/druid/**" security="none"