无法更改 Spring 引导管理中的日志级别
[英]Can't change log levels in Spring Boot Admin
问题描述
I'm trying to change log levels at runtime in a Spring Boot Application using Spring Boot Admin but i get a 401 in the browser console and the log level is also not changed.
我正在尝试使用Spring 引导管理在 Spring 引导应用程序中在运行时更改日志级别,但我在浏览器控制台中得到401 ,并且日志级别也没有更改。
What i did is made a springadmin Application and a client named SpringBootClient , the admin would be changing the log levels of the client at runtime.我所做的是创建了一个springadmin应用程序和一个名为SpringBootClient的客户端,管理员将在运行时更改客户端的日志级别。 When i log in into the springadmin Application and i give the username and password specified, i get logged in into the springadmin Application, and i can see my client as UP there, but when i go to change its logs in the loggers tab, i see a message like Configuring WARN failed , when i check the browser console it does a POST request to http://localhost:8080/instances/8723817f5b45/actuator/loggers/com.muktadirkhan and gives a 401 .当我登录到springadmin应用程序并提供指定的用户名和密码时,我登录到springadmin应用程序,我可以在那里看到我的客户端,但是当我 go 在记录器选项卡中更改其日志时,我看到类似配置警告失败的消息,当我检查浏览器控制台时,它向http://localhost:8080/instances/8723817f5b45/actuator/loggers/com.muktadirkhan发出POST请求并给出401 。
This is my application.properties of the springadmin application这是我的springadmin application.properties程序的 application.properties
spring.security.user.name=admin
spring.security.user.password=admin
management.endpoints.web.exposure.include=httptrace,loggers,health,info,metrics
spring.boot.admin.routes.endpoints=env, metrics, trace, jolokia, info, configprops
springadminApplication.java is like this: springadminApplication.java是这样的:
package com.muktadirkhan.springboot;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Configuration;
import de.codecentric.boot.admin.server.config.EnableAdminServer;
@EnableAdminServer
@Configuration
@SpringBootApplication
public class SpringadminApplication {
public static void main(String[] args) {
SpringApplication.run(SpringadminApplication.class, args);
}
}
I have also created a WebSecurityConfig.java in springadmin application which is like this:我还在springadmin应用程序中创建了一个WebSecurityConfig.java ,如下所示:
package com.muktadirkhan.springboot;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import de.codecentric.boot.admin.server.config.AdminServerProperties;
import de.codecentric.boot.admin.server.web.PathUtils;
import java.util.*;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.convert.DurationUnit;
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private final AdminServerProperties adminServer;
public WebSecurityConfig(AdminServerProperties adminServer) {
this.adminServer = adminServer;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
SavedRequestAwareAuthenticationSuccessHandler successHandler =
new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(this.adminServer.getContextPath() + "/");
http
.authorizeRequests()
.antMatchers(this.adminServer.getContextPath() + "/assets/**").permitAll()
.antMatchers(this.adminServer.getContextPath() + "/login").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage(this.adminServer.getContextPath() + "/login")
.successHandler(successHandler)
.and()
.logout()
.logoutUrl(this.adminServer.getContextPath() + "/logout")
.and()
.httpBasic()
.and()
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminServer.getContextPath() +
"/instances", HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminServer.getContextPath() +
"/instances/*", HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminServer.getContextPath() + "/actuator/**"))
.and()
.rememberMe()
.key(UUID.randomUUID().toString())
.tokenValiditySeconds(1209600);
}
}
And regarding the client, my SpringBootClientApplication.java is:关于客户端,我的SpringBootClientApplication.java是:
package com.muktadirkhan.springboot;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class SpringBootClientApplication {
public static void main(String[] args) {
SpringApplication.run(SpringBootClientApplication.class, args);
}
}
The application.properties of the client:客户端的application.properties :
server.port=8090
spring.boot.admin.client.url=http://localhost:8080
spring.boot.admin.url=http://localhost:8080
spring.boot.admin.client.username=admin
spring.boot.admin.client.password=admin
management.endpoints.web.exposure.include=*
management.endpoint.health.show-details=always
spring.security.user.name=admin
spring.security.user.password=admin
spring.boot.admin.client.instance.metadata.user.name=${spring.security.user.name}
spring.boot.admin.client.instance.metadata.user.password=${spring.security.user.password}
1 个解决方案
解决方案1
0 2019-10-23 15:39:50
You probably have csrf security setup on your client that applies on the actuator endpoints exposed by this one, thus not allowing the spring boot admin server to do any POST request您可能在您的客户端上设置了 csrf 安全设置,该设置适用于由此公开的执行器端点,因此不允许 spring 引导管理服务器执行任何 POST 请求
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.