[英]Spring Cloud config server disable encryption and decryption endpoint
I am trying to disable encrypt and decrypt end points in spring cloud config server. 我试图在spring cloud配置服务器中禁用加密和解密端点。 My Bootstrap.yml file is 我的Bootstrap.yml文件是
spring:
cloud:
config:
server:
encrypt:
enabled: false
encrypt:
keyStore:
location: ####
password: ####
alias: ####
secret: ###
I tried this properties file with different verions of spring cloud and spring boot Tried spring boot version 1.5.8.RELEASE and springCloudVersion = 'Dalston.SR4' 我尝试了这个属性文件,其中包含不同版本的spring cloud和spring boot试用的spring boot版本1.5.8.RELEASE和springCloudVersion ='Dalston.SR4'
also tried 也试过了
springBootVersion = '2.0.5.RELEASE' and springCloudVersion = 'Finchley.SR1' springBootVersion ='2.0.5.RELEASE'和springCloudVersion ='Finchley.SR1'
but still I encryption and decryption endpoints are working. 但我仍然加密和解密端点正在工作。
Use Spring Security to block this URI, with this configuration endpoint URLs are not publicly available. 使用Spring Security来阻止此URI,此配置端点URL不公开。
package com.debopam.configserver;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
/**
* @author Debopam
*
*/
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("configUser").password("configPassword").roles("SYSTEM")
.and()
.withUser("admin").password("admin").roles("SUPERUSER","ADMIN")
.and()
.withUser("actuator").password("actuator").roles("ACTUATOR");;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/encrypt**").hasAnyRole("SUPERUSER","ADMIN")
.antMatchers("/decrypt**").hasAnyRole("SUPERUSER","ADMIN")
.anyRequest().hasRole("SYSTEM").and().httpBasic().and().csrf().disable();
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.