BAEL-315 Change some security settings to allow discovery server operations. Copy static files from the eureka project to the zuul filter to display the discovery dashboard through the proxy.
This commit is contained in:
parent
2a7b598cf0
commit
a66aeb1157
|
@ -2,14 +2,17 @@ package com.baeldung.spring.cloud.bootstrap.discovery;
|
||||||
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.core.annotation.Order;
|
||||||
import org.springframework.http.HttpMethod;
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||||
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
|
@Order(1)
|
||||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
|
@ -23,14 +26,43 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
http
|
http
|
||||||
|
.sessionManagement()
|
||||||
|
.sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
|
||||||
|
.and()
|
||||||
|
.requestMatchers()
|
||||||
|
.antMatchers("/eureka/**")
|
||||||
|
.and()
|
||||||
.authorizeRequests()
|
.authorizeRequests()
|
||||||
.antMatchers("/eureka/js/**","/eureka/css/**","/eureka/images/**","/eureka/fonts/**").authenticated()
|
|
||||||
.antMatchers("/eureka/**").hasRole("SYSTEM")
|
.antMatchers("/eureka/**").hasRole("SYSTEM")
|
||||||
.antMatchers(HttpMethod.GET, "/").hasRole("ADMIN")
|
.anyRequest().denyAll()
|
||||||
.anyRequest().authenticated()
|
.and()
|
||||||
.and()
|
.httpBasic()
|
||||||
|
.and()
|
||||||
|
.csrf().disable();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
//no order tag means this is the last security filter to be evaluated
|
||||||
|
public static class AdminSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
|
@Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
|
||||||
|
auth.inMemoryAuthentication();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override protected void configure(HttpSecurity http) throws Exception {
|
||||||
|
http
|
||||||
|
.sessionManagement()
|
||||||
|
.sessionCreationPolicy(SessionCreationPolicy.NEVER)
|
||||||
|
.and()
|
||||||
.httpBasic()
|
.httpBasic()
|
||||||
.and()
|
.disable()
|
||||||
|
.authorizeRequests()
|
||||||
|
.antMatchers(HttpMethod.GET, "/").hasRole("ADMIN")
|
||||||
|
.antMatchers("/info","/health").authenticated()
|
||||||
|
.antMatchers("/eureka/js/**", "/eureka/css/**", "/eureka/images/**", "/eureka/fonts/**").authenticated()
|
||||||
|
.anyRequest().denyAll()
|
||||||
|
.and()
|
||||||
.csrf().disable();
|
.csrf().disable();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue