Safety certification class must be set in the sub-package program starts the class below
springCloud the Security authentication component is added in two ways. One is to add public safety by writing an authentication component, the other is to add configuration profiles by application.yml.
First, create a secure authentication component module
Step 1: Modify the security authentication module pom file,
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
Note that when you create a safety certification class, create safety certification classes: Step 2: class should be placed under the sub-package all background services start classes where the pack
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Resource
public void configGlobal(AuthenticationManagerBuilder auth)
throws Exception {
auth.inMemoryAuthentication().withUser("java").password("hello")
.roles("USER");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// 表示所有的访问都必须进行认证处理后才可以正常进行
http.httpBasic().and().authorizeRequests().anyRequest()
.fullyAuthenticated();
// 所有的Rest服务一定要设置为无状态,以提升操作性能
http.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}
}
Step 3: Add the component referenced in the parent pom,
<dependency>
<groupId>com.ultrapower</groupId>
<artifactId>springCloud-security</artifactId>
<version>1.0.0-SNAPSHOT</version>
</dependency>
Step 4: Add this component in each pom file server referenced:
<dependency>
<groupId>com.ultrapower</groupId>
<artifactId>springCloud-security</artifactId>
</dependency>
Step 5: If the background service side of the package to start the class is not a parent or sibling class security configuration path just built, it is necessary to modify the startup classpath services.
Step 6: Start verification. By adding on a path on the user's password to access on a browser, but not doing so in the program. Program call, see Ribbon implement or Feign component implementation article.
Second, add safety certification through the configuration file.
It is written above added safety certification for all micro-services. Sign up here for the Eureka Center add safety certification through the configuration file.
Step 1: Modify the pom file Eureka registry. Add a reference to the Security Authentication Security Module
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-security</artifactId>
</dependency>
Step 2: Modify the registry Eureka application.yml configuration file, add security authentication function is turned on
security:
basic:
enabled: true #开启安全认证服务
user: #添加认证账户及密码
name: ejava
password: ehello
Step 3: Start Eureka registry, visit accordance with the previous access address to see if the interface enter the account password prompt appears, enter the account password, can log in normally.
Step 4: Modify the registered address of the server
eureka:
client:
serviceUrl:
defaultZone: http://ejava:[email protected]:8000/eureka/
defaultZone: ejava: [email protected]: 8000 / eureka /, added at the same address in the "ejava: ehello @" this part. Is among the security check, then the server can be registered certification of Eureka.