如何使用基本路径在2个不同端口上处理具有 spring security 的执行器和服务器?

zlhcx6iw  于 2024-01-05  发布在  Spring
关注(0)|答案(1)|浏览(153)

我有一套

  1. # Server
  2. server.servlet.contextPath=/myapp/api
  3. server.port=8080
  5. # Actuator port
  6. management.health.probes.enabled=true
  7. management.server.port=8090
  8. management.endpoints.web.base-path=/myapp/api/actuator
  9. management.metrics.export.prometheus.enabled=true

字符串
像这样简单的授权

  1. @Bean
  2.     fun filterChain(http: HttpSecurity): SecurityFilterChain {
  3.         http.authorizeHttpRequests()
  4.             .requestMatchers(HttpMethod.GET, "/actuator/health").permitAll() # Worked before when everything was on port 8080. Still works but with token
  5.             .requestMatchers(HttpMethod.GET, "/myapp/api/actuator/health").permitAll() # Worked when actuator was on different port without token
  6.             .requestMatchers(HttpMethod.GET, "/vehicles/**").permitAll() 
  7.             .anyRequest().authenticated()
  8.             .and()
  9.             .oauth2ResourceServer()
  10.             .jwt()
  11.             .jwtAuthenticationConverter(jwtAuthenticationConverter())
  12.         return http.build()
  13.     }


之前我用端口8080运行一切.现在我需要运行日志辅助端口.两者都必须有基本路径开始/myapp/API/.什么是最佳实践的方式做到这一点?

spring

1条答案

按热度按时间
qv7cva1a

qv7cva1a1#

您可以为每个端口使用两个单独的SecurityConfigurerAdapter示例:

  1. @Configuration
  2. @EnableWebSecurity
  3. class SecurityConfig {
  5.     @Bean
  6.     fun actuatorSecurityConfigurerAdapter(): SecurityConfigurerAdapter {
  7.         return object : SecurityConfigurerAdapter() {
  8.             override fun configure(http: HttpSecurity) {
  9.                 http.antMatcher("/myapp/api/actuator/**")
  10.                     .authorizeRequests {
  11.                         it.antMatchers(HttpMethod.GET, "/myapp/api/actuator/health").permitAll()
  12.                         // Other actuator endpoints can be configured here
  13.                     }
  14.                     .anyRequest().authenticated()
  15.                     .and()
  16.                     .oauth2ResourceServer()
  17.                     .jwt()
  18.                     .jwtAuthenticationConverter(jwtAuthenticationConverter())
  19.             }
  20.         }
  21.     }
  23.     @Bean
  24.     fun appSecurityConfigurerAdapter(): SecurityConfigurerAdapter {
  25.         return object : SecurityConfigurerAdapter() {
  26.             override fun configure(http: HttpSecurity) {
  27.                 http.antMatcher("/myapp/api/**")
  28.                     .authorizeRequests {
  29.                         it.antMatchers(HttpMethod.GET, "/myapp/api/vehicles/**").permitAll()
  30.                         // Other application endpoints can be configured here
  31.                     }
  32.                     .anyRequest().authenticated()
  33.                     .and()
  34.                     .oauth2ResourceServer()
  35.                     .jwt()
  36.                     .jwtAuthenticationConverter(jwtAuthenticationConverter())
  37.             }
  38.         }
  39.     }
  41.     @Bean
  42.     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
  43.         http.csrf().disable() // Disable CSRF for simplicity
  44.         http.apply(actuatorSecurityConfigurerAdapter())
  45.         http.apply(appSecurityConfigurerAdapter())
  46.         return http.build()
  47.     }

字符串
actuatorSecurityConfigurerAdapter为执行器端点配置安全性,appSecurityConfigurerAdapter为应用程序端点配置安全性。securityFilterChain bean将这两种配置应用于整体安全设置。
通过这种方式,您可以为执行器和应用程序端点提供不同的安全配置,并且它们将基于指定的基本路径应用。

展开查看全部
赞(0)分享  回复(0)举报  2024-01-05
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com