BAEL-315 added security to config and dsicovery servers.
This commit is contained in:
parent
798e72a121
commit
b7ec6f3e4c
|
@ -1,4 +1,4 @@
|
|||
package com.baeldung.spring.cloud.integration.config;
|
||||
package com.baeldung.spring.cloud.bootstrap.config;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
|
@ -1,8 +1,9 @@
|
|||
package com.baeldung.spring.cloud.integration.config;
|
||||
package com.baeldung.spring.cloud.bootstrap.config;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
|
||||
|
@ -15,11 +16,24 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
auth.inMemoryAuthentication()
|
||||
.withUser("config_discUser")
|
||||
.password("discPassword")
|
||||
.roles("SYSTEM")
|
||||
.and()
|
||||
.withUser("config_gatewayUser")
|
||||
.password("gatewayPassword")
|
||||
.roles("SYSTEM")
|
||||
.and()
|
||||
.withUser("config_resourceUser")
|
||||
.password("resourcePassword");
|
||||
.password("resourcePassword")
|
||||
.roles("SYSTEM");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.httpBasic().and()
|
||||
.csrf().disable();
|
||||
}
|
||||
}
|
|
@ -5,4 +5,4 @@ spring.cloud.config.server.git.uri=file:///${user.home}/application-config
|
|||
|
||||
eureka.client.region = default
|
||||
eureka.client.registryFetchIntervalSeconds = 5
|
||||
eureka.client.serviceUrl.defaultZone=disc_configUser:configPassword@http://localhost:8082/eureka/
|
||||
eureka.client.serviceUrl.defaultZone=http://disc_configUser:configPassword@localhost:8082/eureka/
|
|
@ -1,4 +1,4 @@
|
|||
package com.baeldung.spring.cloud.integration.discovery;
|
||||
package com.baeldung.spring.cloud.bootstrap.discovery;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
|
@ -1,8 +1,10 @@
|
|||
package com.baeldung.spring.cloud.integration.discovery;
|
||||
package com.baeldung.spring.cloud.bootstrap.discovery;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
|
||||
|
@ -15,14 +17,34 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
auth.inMemoryAuthentication()
|
||||
.withUser("disc_configUser")
|
||||
.password("configPassword")
|
||||
.roles("SYSTEM")
|
||||
.and()
|
||||
.withUser("disc_discUser")
|
||||
.password("discPassword")
|
||||
.roles("SYSTEM")
|
||||
.and()
|
||||
.withUser("disc_gatewayUser")
|
||||
.password("gatewayPassword")
|
||||
.roles("SYSTEM")
|
||||
.and()
|
||||
.withUser("disc_resourceUser")
|
||||
.password("resourcePassword");
|
||||
.password("resourcePassword")
|
||||
.roles("SYSTEM")
|
||||
.and()
|
||||
.withUser("admin")
|
||||
.password("password")
|
||||
.roles("ADMIN");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers(HttpMethod.GET, "/").hasRole("ADMIN")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.httpBasic()
|
||||
.and()
|
||||
.csrf().disable();
|
||||
}
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
package com.baeldung.spring.cloud.integration.resource;
|
||||
package com.baeldung.spring.cloud.bootstrap.gateway;
|
||||
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
|
@ -4,4 +4,4 @@ spring.cloud.config.discovery.enabled=true
|
|||
spring.cloud.config.username=config_gatewayUser
|
||||
spring.cloud.config.password=gatewayPassword
|
||||
|
||||
eureka.client.serviceUrl.defaultZone=http://localhost:8082/eureka/
|
||||
eureka.client.serviceUrl.defaultZone=http://disc_gatewayUser:gatewayPassword@localhost:8082/eureka/
|
|
@ -1,4 +1,4 @@
|
|||
package com.baeldung.spring.cloud.integration.resource;
|
||||
package com.baeldung.spring.cloud.bootstrap.resource;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.boot.SpringApplication;
|
|
@ -4,4 +4,4 @@ spring.cloud.config.discovery.enabled=true
|
|||
spring.cloud.config.username=config_resourceUser
|
||||
spring.cloud.config.password=resourcePassword
|
||||
|
||||
eureka.client.serviceUrl.defaultZone=http://localhost:8082/eureka/
|
||||
eureka.client.serviceUrl.defaultZone=http://disc_resourceUser:resourcePassword@localhost:8082/eureka/
|
Loading…
Reference in New Issue