Enabling Spring Boot Admin security authentication in the Yudao monolith project

  1. In YudaoWebSecurityConfigurerAdapter:

Comment out:

```java
    /**
     * Spring Security does not declare @Bean when it creates the AuthenticationManager object, so it cannot be injected.
     * Overriding this parent-class method and adding the @Bean annotation solves the problem.
     */
//    @Bean
//    public AuthenticationManager authenticationManagerBean(AuthenticationConfiguration authenticationConfiguration) throws Exception {
//        return authenticationConfiguration.getAuthenticationManager();
//    }
```

Add:

```java
    // Filter chain for the Admin path (high priority)
    // Needs: import static org.springframework.security.config.Customizer.withDefaults;
    @Order(Ordered.HIGHEST_PRECEDENCE)
    @Bean
    public SecurityFilterChain adminSecurityFilterChain(HttpSecurity http) throws Exception {
        String adminContextPath = "/admin";

        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setTargetUrlParameter("redirectTo");
        successHandler.setDefaultTargetUrl(adminContextPath + "/");

        http
                // This chain only handles requests under the Admin path
                .securityMatchers(matchers -> matchers
                        .requestMatchers(adminContextPath + "/**")
                )
                // Static assets and the login page are public; everything else needs ROLE_ADMIN
                .authorizeHttpRequests(auth -> auth
                        .requestMatchers(adminContextPath + "/assets/**").permitAll()
                        .requestMatchers(adminContextPath + "/login").permitAll()
                        .anyRequest().hasRole("ADMIN")
                )
                .formLogin(form -> form
                        .loginPage(adminContextPath + "/login")
                        .loginProcessingUrl(adminContextPath + "/login")
                        .successHandler(successHandler)
                )
                .logout(logout -> logout
                        .logoutUrl(adminContextPath + "/logout")
                        .logoutSuccessUrl(adminContextPath + "/login?logout")
                )
                // HTTP Basic is what the Admin Client uses when it registers
                .httpBasic(withDefaults())
                .csrf(csrf -> csrf
                        .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
                        .ignoringRequestMatchers(
                                adminContextPath + "/instances",
                                adminContextPath + "/actuator/**"
                        )
                )
                .rememberMe(rememberMe -> rememberMe
                        .key(UUID.randomUUID().toString())
                        .tokenValiditySeconds(1209600)
                )
                .sessionManagement(session -> session
                        .sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
                );

        return http.build();
    }
```

Modify:

```java
@Bean
@Order(Ordered.LOWEST_PRECEDENCE) // added: low priority
protected SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {...}
```

  2. In SecurityConfiguration of the infra module:

Comment out:

```java
// Security configuration for Spring Boot Admin Server
registry.requestMatchers(adminSeverContextPath).permitAll()
        .requestMatchers(adminSeverContextPath + "/**").permitAll();
```

  3. In TokenAuthenticationFilter:

```java
    @Override
    @SuppressWarnings("NullableProblems")
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
            throws ServletException, IOException {
        String token = SecurityFrameworkUtils.obtainAuthorization(request,
                securityProperties.getTokenHeader(), securityProperties.getTokenParameter());
        // Add the following code: skip token authentication for Admin requests,
        // which are handled by adminSecurityFilterChain
        if (request.getRequestURI().startsWith("/admin/")) {
            chain.doFilter(request, response);
            return;
        }

        ...
```

  4. application.yaml

```yaml
spring:
  security:
    user:
      name: admin
      password: $2a$10$12i5oKpeTFgyziHNeSGhOeJJy6 # bcrypt hash
      roles: ADMIN
```

  5. application-local.yaml

```yaml
# Spring Boot Admin configuration
spring:
  boot:
    admin:
      # Spring Boot Admin Client configuration
      client:
        url: http://127.0.0.1:${server.port}/${spring.boot.admin.context-path} # Address of the Spring Boot Admin Server
        instance:
          service-host-type: IP # Prefer the IP when registering the instance [IP, HOST_NAME, CANONICAL_HOST_NAME]
        username: admin
        password: ***
      # Spring Boot Admin Server configuration
      context-path: /admin # Configure Spring
```

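Note: if nginx is configured as a reverse proxy for HTTPS requests, the application-local.yaml above needs to be configured as follows. This example uses the context path /wz-admin; the "/admin" hard-coded in adminSecurityFilterChain and TokenAuthenticationFilter has to match whichever context-path is configured.

```yaml
# Spring Boot Admin configuration
spring:
  boot:
    admin:
      ui:
        public-url: https://xx.xxxxx.cn/${spring.boot.admin.context-path}
      # Spring Boot Admin Client configuration
      client:
        url: https://xx.xxxxx.cn/${spring.boot.admin.context-path} # Address of the Spring Boot Admin Server
        instance:
          service-host-type: IP # Prefer the IP when registering the instance [IP, HOST_NAME, CANONICAL_HOST_NAME]
        username: admin
        password: ***
      # Spring Boot Admin Server configuration
      context-path: /wz-admin # Configure Spring
```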
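
To confirm the steps above took effect, this added example (not part of the original post) probes the Admin paths anonymously and with the `admin` account from application.yaml, and reports whether each path is protected. `BASE_URL`, `ADMIN_PATH`, `ADMIN_USER` and `ADMIN_PASS` are assumed placeholders for your own deployment.

```sh
#!/bin/sh
# Added example, not from the original post. BASE_URL, ADMIN_PATH, ADMIN_USER and
# ADMIN_PASS are placeholders (assumptions); set them for your own deployment.
BASE_URL="${BASE_URL:-http://127.0.0.1:8080}"
ADMIN_PATH="${ADMIN_PATH:-/admin}"

# classify_anonymous STATUS [REDIRECT_URL]
# Verdict for an anonymous request to a path that should require ROLE_ADMIN:
#   protected  = 401/403, or a redirect to the Admin login page
#   open       = 2xx, i.e. content was served without authentication
#   unexpected = anything else (redirect elsewhere, 404, 5xx, no response)
classify_anonymous() {
  case "$1" in
    401|403) echo protected ;;
    301|302|303|307|308)
      case "${2:-}" in
        *"$ADMIN_PATH/login"*) echo protected ;;
        *) echo unexpected ;;
      esac ;;
    2??) echo open ;;
    *) echo unexpected ;;
  esac
}

# probe PATH [curl options...] -> prints "STATUS REDIRECT_URL" (redirects are not followed)
probe() {
  probe_path="$1"; shift
  curl -s -o /dev/null -w '%{http_code} %{redirect_url}' "$@" "$BASE_URL$probe_path"
}

run_checks() {
  rc=0
  for path in "$ADMIN_PATH/" "$ADMIN_PATH/instances"; do
    out=$(probe "$path" -H 'Accept: text/html')
    verdict=$(classify_anonymous "${out%% *}" "${out#* }")
    echo "anonymous GET $path -> ${out%% *} ($verdict)"
    [ "$verdict" = protected ] || rc=1
  done
  # /login is permitAll() in the Admin chain, so it must stay reachable.
  out=$(probe "$ADMIN_PATH/login")
  [ "${out%% *}" = 200 ] || { echo "login page -> ${out%% *}"; rc=1; }
  # HTTP Basic with the spring.security.user account must be accepted.
  out=$(probe "$ADMIN_PATH/instances" -u "${ADMIN_USER:-admin}:${ADMIN_PASS:?set ADMIN_PASS}")
  [ "${out%% *}" = 200 ] || { echo "basic auth -> ${out%% *}"; rc=1; }
  return "$rc"
}

if [ "${1:-}" = run ]; then run_checks; fi
```

Invoke the script with the argument `run` and `ADMIN_PASS` set in the environment; a non-zero exit status means at least one check failed.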