Spring Security for Hawt.io

I would like to configure Spring Security for Hawt.io with embedded Tomcat. After custom login (with user and password), the Hawt.io login is asking to authenticate. But Hawt.io authentication is disabled in code and in config. If I remove MvcConfig and WebSecurityConfig with security.basic.enable= false, then it works without any authentication. But

I want to authenticate with a custom username and password, which is working; after that, Hawt.io is also asking for the credentials though that part is disabled.

Please help me to resolve this.

application.properties

hawtio.authenticationEnabled = false
management.security.enabled=false
security.basic.enable= true
security.ignored= /**

login.html

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org"
      xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity3">
    <head>
        <title>Spring Security Example </title>
    </head>
    <body>
        <div th:if="${param.error}">
            Invalid username and password.
        </div>
        <div th:if="${param.logout}">
            You have been logged out.
        </div>
        <form th:action="@{/login}" method="post">
            <div><label> User Name : <input type="text" name="username"/> </label></div>
            <div><label> Password: <input type="password" name="password"/> </label></div>
            <div><input type="submit" value="Sign In"/></div>
        </form>
    </body>
</html>

MvcConfig.java

@Configuration
public class MvcConfig extends WebMvcConfigurerAdapter {
    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        registry.addViewController("/login").setViewName("login");
    }
}

WebSecurityConfig.java

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().antMatchers("/","/hawtio").permitAll().anyRequest().authenticated().and()
                .formLogin().loginPage("/login")
                .permitAll().and().logout().permitAll();
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication().withUser("user").password("password").roles("USER");
    }
}

Application.java

@SpringBootApplication
@EnableHawtio
public class Application {
    public static void main(String[] args) {
        System.setProperty(AuthenticationFilter.HAWTIO_AUTHENTICATION_ENABLED, "false");
        SpringApplication.run(Application.class, args);
    }
}

pom.xml

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>1.5.8.RELEASE</version>
    </parent>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>
        <dependency>
            <groupId>io.hawt</groupId>
            <artifactId>hawtio-springboot</artifactId>
            <version>1.5.6</version>
        </dependency>
        <dependency>
            <groupId>io.hawt</groupId>
            <artifactId>hawtio-core</artifactId>
            <version>1.5.6</version>
        </dependency>
    </dependencies>

Update: On connecting to a dummy Camel app like below, the login comes up again, and giving credentials leads to a 404 error page.


The following changes are required to make hawtio work with Spring Security and Spring Boot. You can find a working example here. However, I wasn't able to update the username in hawtio menubar.

Configure Spring Security

Configure Spring Security for the application in a standard way except for a few changes specific to hawtio:

  • Disable hawtio authentication,

     @SpringBootApplication
     @EnableHawtio
     @ComponentScan(basePackages = {"com.basaki"})
     public class Application {
         public static void main(String[] args) {
             System.setProperty(AuthenticationFilter.HAWTIO_AUTHENTICATION_ENABLED, "false");
             SpringApplication.run(Application.class, args);
         }
     }

  • Disable Cross-Site Request Forgery (CSRF) in your application.

  • Make sure the logout request URL matches the /hawtio/auth/logout/*. This is the URL used by hawtio to invalidate a session.

     @Configuration
     @EnableWebSecurity
     public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
         ...
         @Override
         protected void configure(HttpSecurity http) throws Exception {
             http.authorizeRequests().antMatchers("/").permitAll()
                     .anyRequest().authenticated()
                     .and().formLogin().loginPage("/login")
                     .failureUrl("/login?error")
                     .permitAll()
                     .and().logout().logoutRequestMatcher(
                             new AntPathRequestMatcher("/hawtio/auth/logout/*"))
                     .logoutSuccessUrl("/login?logout")
                     .and().csrf().disable();
         }
         ...
     }

Login Page

  • Since you are using a form login, you will be needing a custom login page. In this example, a login.html is used.

  • Configure the /login request to match view login.html

     @Configuration
     public class SpringMvcConfiguration extends WebMvcConfigurerAdapter {
         @Override
         public void addViewControllers(ViewControllerRegistry registry) {
             registry.addViewController("/login").setViewName("login");
         }
         ...
     }

Updating hawtio's login.html

Once you log out from the hawtio page, it takes you to its own login page. Since it's a single page application with AngularJS, you need to replace this partial page with your own custom AngularJS based login page.

  • In this example, a login-hawtio.html page is used.

     <div ng-controller="LoginPlugin.LoginController">
         <h1 style="color: #78ab46;">Sign in</h1>
         <form action="/login" method="post">
             <div>
                 <label style="font-weight: 700; padding-right: 15px; padding-left: 15px;">Username:
                     <input id="username" type="text" name="username" placeholder="Username"/>
                 </label>
             </div>
             <div>
                 <label style="font-weight: 700; padding-right: 15px; padding-left: 15px;">Password:
                     <input id="password" type="password" name="password" required placeholder="Password"/>
                 </label>
             </div>
             <div>
                 <button type="submit" class="btn btn-default">Sign In</button>
             </div>
         </form>
     </div>

  • A controller to replace the existing hawtio login page.

     @Controller
     public class HawtioController {
         private ResourceLoader loader;

         @Autowired
         public HawtioController(ResourceLoader loader) {
             this.loader = loader;
         }

         @RequestMapping(value = "/hawtio/app/core/html/login.html",
                 method = RequestMethod.GET,
                 produces = "text/html;charset=UTF-8")
         public void getHawtioLoginHtml(HttpServletResponse response) {
             String location = "classpath:/templates/login-hawtio.html";
             try {
                 String body = getResource(location);
                 response.setStatus(HttpStatus.OK.value());
                 response.getWriter().write(body);
                 response.getWriter().flush();
                 response.getWriter().close();
             } catch (IOException e) {
                 response.setStatus(HttpStatus.NOT_FOUND.value());
             }
         }
         ...
     }

hawtio Login Plugin

  • A custom hawtio plugin is needed to have your own AngularJS login controller, LoginPlugin.LoginController. It's used for redirecting to hawtio's home page after you are logged in from hawtio's login page.

     @Configuration
     public class HawtioConfiguration {
         @Bean
         public HawtPlugin samplePlugin() {
             return new HawtPlugin("login-plugin",
                     "/hawtio/plugins",
                     "",
                     new String[]{"plugin/js/login-plugin.js"});
         }
     }

  • The login-plugin.js is located under resources/app/webapp/plugin/js folder.

     var LoginPlugin = (function(LoginPlugin) {
         LoginPlugin.pluginName = 'login-plugin';
         LoginPlugin.log = Logger.get('LoginPlugin');

         LoginPlugin.module = angular.module('login-plugin', ['hawtioCore'])
             .config(function($routeProvider) {
                 $routeProvider.
                     when('/home', {
                         templateUrl: '/hawtio/index.html'
                     });
             });

         LoginPlugin.module.run(function(workspace, viewRegistry, layoutFull) {
             LoginPlugin.log.info(LoginPlugin.pluginName, " loaded");
             viewRegistry["login-plugin"] = layoutFull;
             workspace.topLevelTabs.push({
                 id: "LoginPlugin",
                 content: "Login Plugin",
                 title: "Login plugin loaded dynamically",
                 isValid: function(workspace) { return true; },
                 href: function() { return "#/login-plugin"; },
                 isActive: function(workspace) {
                     return workspace.isLinkActive("login-plugin");
                 }
             });
         });

         LoginPlugin.LoginController = function($scope, $rootScope, $http) {
             var fullUrl = "/hawtio/index.html";
             $http({method: 'GET', url: fullUrl});
         };

         return LoginPlugin;
     })(LoginPlugin || {});

     hawtioPluginLoader.addModule(LoginPlugin.pluginName);
