文章目录
- gitee地址
- 项目集成
- 配置spring-Security并只拦截actuator
gitee地址
https://gitee.com/ffch/SpringBootMonitor#spring-boot-monitor监控
可以直接看readme.也可以看我写的
项目集成
直接引入pom
<dependency>
<groupId>cn.pomit</groupId>
<artifactId>spring-boot-monitor</artifactId>
<version>0.0.4</version>
</dependency>项目里面引入了spring-boot-starter-actuator包,
开放端口:
management.endpoints.web.exposure.include=*
或者
management:
endpoints:
web:
exposure:
include: "*"配置登录密码:
spring.boot.monitor.username=cff
spring.boot.monitor.password=123456
spring.boot.monitor.salt=pomit
或者
spring:
boot:
monitor:
username: yida
password: yida
salt: pomit在线查看日志:
logging.file=./log/monitor.log
logging.pattern.file="%clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(%5p) %clr(${PID}){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n%wEx"
或者:
# logback.xml中有详细的日志配置
logging:
config: classpath:config/logback.xml
# 方便Spring Boot Admin页面上实时查看日志
file: logs/spring-boot-plus.log访问地址: http://127.0.0.1:8080/monitor
这样会导致端口都暴露出去,可以使用springsecurity只对/actuator进行登录拦截,这样的话就要先登录security的页面然后在登录,麻烦是麻烦点…
配置spring-Security并只拦截actuator
引入pom:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>配置:
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.stereotype.Component;
@Component
public class ActuatorSecurityConfigure extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests()
.antMatchers("/actuator/**")
.authenticated()
.anyRequest()
.permitAll()
.and().httpBasic()
.and().logout().logoutUrl("/security/logout");
}
}
