1. pom 加入 security
<!-- 加入密码认证 --> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency>
2. 加入配置类 SecuritySecureConfig
package org.fh.config; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; import de.codecentric.boot.admin.server.config.AdminServerProperties; /** * 说明:SecuritySecure配置 * 作者:FH Admin * from:fhadmin.cn */ @Configuration public class SecuritySecureConfig extends WebSecurityConfigurerAdapter { private final String adminContextPath; public SecuritySecureConfig(AdminServerProperties adminServerProperties) { this.adminContextPath = adminServerProperties.getContextPath(); } @Override protected void configure(HttpSecurity http) throws Exception { SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); successHandler.setTargetUrlParameter("redirectTo"); http.headers().frameOptions().disable(); http.authorizeRequests().antMatchers(adminContextPath + "/assets/**",adminContextPath + "/actuator/**").permitAll() .antMatchers(adminContextPath + "/login").permitAll().anyRequest().authenticated().and().formLogin() .loginPage(adminContextPath + "/login").successHandler(successHandler).and().logout() .logoutUrl(adminContextPath + "/logout").and().httpBasic().and().csrf().disable(); } }
3. 配置 application.properties
#开启安全认证 用户名和密码 spring.security.user.name=fhadmin spring.security.user.password=root spring.security.basic.enabled=true