使用 Spring WebSecurityConfigurerAdapter 时,如何让我的 Elastic Beanstalk 实例保持健康?
[英]How do I keep my Elastic Beanstalk instance healthy when using Spring WebSecurityConfigurerAdapter?
问题描述
Context
语境
I'm hosting a Java SpringBoot application on Elastic Beanstalk, and it's running.我在 Elastic Beanstalk 上托管了一个 Java SpringBoot 应用程序,它正在运行。 I've just merged a branch that adds WebSecurityConfigurerAdapter, requiring a username and password on loading the page.我刚刚合并了一个添加 WebSecurityConfigurerAdapter 的分支,在加载页面时需要用户名和密码。
When run locally, the environment properties are in application.properties , and they are set in Travis and on Elastic Beanstalk under Configuration -> Software.在本地运行时,环境属性位于application.properties中,它们在 Travis 和 Elastic Beanstalk 上的 Configuration -> Software 下设置。
When I Go to Environment , an alert prompts me for username and password, after which it works.当我Go to Environment时,一个警报提示我输入用户名和密码,之后它就可以工作了。
Setting incorrect username or password in Configuration causes 502 errors, as expected.正如预期的那样,在配置中设置不正确的用户名或密码会导致502错误。
Problem问题
The health of this instance is 'Severe', with 100.0 % of the requests are erroring with HTTP 4xx.此实例的运行状况为“严重”, 100.0 % of the requests are erroring with HTTP 4xx.
I believe that I've found the relevant error in the logs:我相信我在日志中发现了相关错误:
ConfigServletWebServerApplicationContext: Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is java.lang.IllegalArgumentException: username cannot be null
New file, SecurityConfig.java新文件,SecurityConfig.java
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private Environment environment;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests().anyRequest().authenticated()
.and()
.httpBasic();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser(environment.getProperty("USERNAME")).password("{noop}" + environment.getProperty("PASSWORD")).roles("USER");
}
}
My understanding of this is that the Health of the instance is evaluated by loading / , at which point no username is found so the page fails to load.我对此的理解是,实例的 Health 是通过加载/来评估的,此时找不到用户名,因此页面无法加载。
If this is the case, how can I allow the Health checks to not fail because of http security?如果是这种情况,我怎样才能让运行状况检查不会因为 http 安全性而失败?
1 个解决方案
解决方案1
0 2021-04-09 10:35:07
Spring has an 'Actuator' for opening up a Health Check endpoint Spring 具有用于打开健康检查端点的“执行器”
By adding the gradle dependency compile group: 'org.springframework.boot', name: 'spring-boot-starter-actuator' , the application gains an /actuator/health endpoint that the ELB Load Balancer can be configured to perform checks on instead of / .通过添加 gradle 依赖compile group: 'org.springframework.boot', name: 'spring-boot-starter-actuator' ,应用程序获得一个/actuator/health端点,ELB 负载均衡器可以配置为执行检查/的
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.