BAEL-315 added security to config and dsicovery servers.

This commit is contained in:
Tim Schimandle 2016-10-03 14:24:58 -06:00
parent 798e72a121
commit b7ec6f3e4c
9 changed files with 47 additions and 11 deletions

View File

@ -1,4 +1,4 @@
package com.baeldung.spring.cloud.integration.config;
package com.baeldung.spring.cloud.bootstrap.config;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

View File

@ -1,8 +1,9 @@
package com.baeldung.spring.cloud.integration.config;
package com.baeldung.spring.cloud.bootstrap.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@ -15,11 +16,24 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
auth.inMemoryAuthentication()
.withUser("config_discUser")
.password("discPassword")
.roles("SYSTEM")
.and()
.withUser("config_gatewayUser")
.password("gatewayPassword")
.roles("SYSTEM")
.and()
.withUser("config_resourceUser")
.password("resourcePassword");
.password("resourcePassword")
.roles("SYSTEM");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic().and()
.csrf().disable();
}
}

View File

@ -5,4 +5,4 @@ spring.cloud.config.server.git.uri=file:///${user.home}/application-config
eureka.client.region = default
eureka.client.registryFetchIntervalSeconds = 5
eureka.client.serviceUrl.defaultZone=disc_configUser:configPassword@http://localhost:8082/eureka/
eureka.client.serviceUrl.defaultZone=http://disc_configUser:configPassword@localhost:8082/eureka/

View File

@ -1,4 +1,4 @@
package com.baeldung.spring.cloud.integration.discovery;
package com.baeldung.spring.cloud.bootstrap.discovery;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

View File

@ -1,8 +1,10 @@
package com.baeldung.spring.cloud.integration.discovery;
package com.baeldung.spring.cloud.bootstrap.discovery;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@ -15,14 +17,34 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
auth.inMemoryAuthentication()
.withUser("disc_configUser")
.password("configPassword")
.roles("SYSTEM")
.and()
.withUser("disc_discUser")
.password("discPassword")
.roles("SYSTEM")
.and()
.withUser("disc_gatewayUser")
.password("gatewayPassword")
.roles("SYSTEM")
.and()
.withUser("disc_resourceUser")
.password("resourcePassword");
.password("resourcePassword")
.roles("SYSTEM")
.and()
.withUser("admin")
.password("password")
.roles("ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/").hasRole("ADMIN")
.anyRequest().authenticated()
.and()
.httpBasic()
.and()
.csrf().disable();
}
}

View File

@ -1,4 +1,4 @@
package com.baeldung.spring.cloud.integration.resource;
package com.baeldung.spring.cloud.bootstrap.gateway;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

View File

@ -4,4 +4,4 @@ spring.cloud.config.discovery.enabled=true
spring.cloud.config.username=config_gatewayUser
spring.cloud.config.password=gatewayPassword
eureka.client.serviceUrl.defaultZone=http://localhost:8082/eureka/
eureka.client.serviceUrl.defaultZone=http://disc_gatewayUser:gatewayPassword@localhost:8082/eureka/

View File

@ -1,4 +1,4 @@
package com.baeldung.spring.cloud.integration.resource;
package com.baeldung.spring.cloud.bootstrap.resource;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.SpringApplication;

View File

@ -4,4 +4,4 @@ spring.cloud.config.discovery.enabled=true
spring.cloud.config.username=config_resourceUser
spring.cloud.config.password=resourcePassword
eureka.client.serviceUrl.defaultZone=http://localhost:8082/eureka/
eureka.client.serviceUrl.defaultZone=http://disc_resourceUser:resourcePassword@localhost:8082/eureka/