Eureka2.x配置连接密码报错

添加依赖包

1
2
3
4
5
<!--加入服务认证(密码),需要引入security-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>

配置文件 application.yml

2.0版本配置方法(注意:与旧版配置不同)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
server:
port: 8100
eureka:
instance:
hostname: localhost
client:
# 由于该应用为注册中心,所以设置为false,代表不向注册中心注册自己
register-with-eureka: false
# 由于注册中心的职责就是维护服务示例,它并不需要去检索服务,所以也设置为false
fetch-registry: false
serviceUrl:
defaultZone: http://name:pwd@${eureka.instance.hostname}:${server.port}/eureka/
spring:
security:
user:
name: name
password: pwd

测试

启动并访问http://localhost:8100 ,可以看到登录界面, 说明用户密码已经生效了

image.png

接着启动服务注册到注册中心,此时发现启动时抛出异常:Cannot execute request on any known server

image.png

原因是因为新版本的security默认开启了csrf拦截, 所以需要禁用csrf功能. 在启动类中加入以下代码:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
package cn.com.szzt.cloud.register;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
import org.springframework.cloud.netflix.eureka.server.EnableEurekaServer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
* @author 毛宇鹏
*/
@EnableEurekaServer
@SpringBootApplication(exclude={
DataSourceAutoConfiguration.class,
HibernateJpaAutoConfiguration.class
})
public class RegisterApplication {

public static void main(String[] args) {
SpringApplication.run(RegisterApplication.class, args);
}

/**
* 2.1版本的security默认加上了 csrf 拦截, 所以需要通过重写方法, 把csrf拦截禁用
* 参考: https://github.com/yinjihuan/spring-cloud/issues/1
* <pre>
* This is because @EnableWebSecurity is now added by default when Spring Security is on the classpath.
* This enable CSRF protection by default. You will have the same problem in 1.5.10 if you add @EnableWebSecurity.
* One work around, which is not the most secure workaround if you have browsers using the Eureka dashboard, is to disable CSRF protection.
* This can be done by adding the following configurations to your app.
* </pre>
*/
@EnableWebSecurity
static class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
super.configure(http);
}
}
}

问题解决!!

坚持原创技术分享,您的支持将鼓励我继续创作!对, 你想得对, 我真的缺你的这几块钱!
0%