Java 为 Hawt.io 配置 Spring Security
我想在嵌入式 Tomcat 上为 Hawt.io 配置 Spring Security。通过自定义登录(用户名和密码)之后,Hawt.io 仍然弹出自己的登录请求要求进行身份验证,尽管我已经在代码和配置中禁用了 Hawt.io 的身份验证。如果我删除 MvcConfig 和 WebSecurityConfig 并使用 security.basic.enable=false,应用可以工作,但没有任何身份验证。而我想用自定义用户名和密码进行身份验证;这一步可以工作,但在那之后 Hawt.io 也会询问凭证,虽然该部分已被禁用。
请帮我解决这个问题
应用程序属性
# Switches off hawtio's own authentication; access control for the console then depends
# entirely on the application's Spring Security rules.
hawtio.authenticationEnabled = false
# NOTE(review): in Spring Boot 1.5 this disables security on the Actuator management
# endpoints; confirm they are still covered by the application's own Spring Security rules.
management.security.enabled=false
# NOTE(review): Spring Boot 1.x documents this key as security.basic.enabled; as spelled
# here ("enable") the setting may be silently ignored. Verify against the Boot version in use.
security.basic.enable= true
# NOTE(review): /** matches every path, so this asks Boot to exclude the whole application
# from its default security. Confirm this is intended and how it interacts with the custom
# WebSecurityConfig; narrow it to static resources if it is not.
security.ignored= /**
login.html
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org"
xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity3">
<head>
<title>Spring Security Example </title>
</head>
<body>
<!-- Thymeleaf login view: each message below is shown only when the request carries the
     matching "error" or "logout" parameter. The failure text does not reveal whether the
     user name or the password was wrong. -->
<div th:if="${param.error}">
Invalid username and password.
</div>
<div th:if="${param.logout}">
You have been logged out.
</div>
<!-- Credentials are POSTed to /login under the field names "username" and "password".
     NOTE(review): th:action is presumably what lets the Spring/Thymeleaf integration add the
     hidden CSRF token while CSRF protection is enabled; confirm in the rendered HTML. -->
<form th:action="@{/login}" method="post">
<div><label> User Name : <input type="text" name="username"/> </label></div>
<div><label> Password: <input type="password" name="password"/> </label></div>
<div><input type="submit" value="Sign In"/></div>
</form>
</body>
</html>
<!-- Build parent: supplies the managed versions for the three Spring Boot starters below.
     NOTE(review): the Spring Boot 1.5.x line is end-of-life upstream and no longer receives
     open-source security fixes; verify the support status before reusing this pom. -->
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.8.RELEASE</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<!-- hawtio artifacts carry explicit versions; both are pinned to 1.5.6 so the Spring Boot
     integration and the core console stay on the same release. -->
<dependency>
<groupId>io.hawt</groupId>
<artifactId>hawtio-springboot</artifactId>
<version>1.5.6</version>
</dependency>
<dependency>
<groupId>io.hawt</groupId>
<artifactId>hawtio-core</artifactId>
<version>1.5.6</version>
</dependency>
</dependencies>
WebSecurityConfig.java
/**
 * Spring MVC configuration that maps the {@code /login} URL directly to the {@code login}
 * view, so the login page is served without a dedicated controller class.
 */
@Configuration
public class MvcConfig extends WebMvcConfigurerAdapter {
/**
 * Registers a view controller for {@code /login} that renders the view named {@code login}.
 *
 * @param registry the registry the view controller is added to
 */
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/login").setViewName("login");
}
}
/**
 * Spring Security configuration for the application: form login on {@code /login} backed by
 * a single in-memory user.
 */
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
/**
 * Declares which requests require authentication and wires form login and logout.
 *
 * @param http the security builder to configure
 * @throws Exception propagated from the Spring Security configurers
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
// "/" and "/hawtio" are reachable without logging in; every other request requires an
// authenticated user.
// NOTE(review): hawtio's own authentication is switched off elsewhere in this setup, so
// these rules are the only gate in front of the console; confirm "/hawtio" must be public.
// CSRF protection is not touched here, so Spring Security's default applies.
http.authorizeRequests().antMatchers("/","/hawtio").permitAll().anyRequest().authenticated().and()
.formLogin().loginPage("/login")
.permitAll().and().logout().permitAll();
}
/**
 * Registers the in-memory user store used for authentication.
 *
 * @param auth the builder the in-memory user is added to
 * @throws Exception propagated from the authentication builder
 */
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
// NOTE(review): the user name and password are literals in source, and the password is
// given in plain text; suitable for a demo only. Load credentials from external
// configuration and store them hashed before any real deployment.
auth.inMemoryAuthentication().withUser("user").password("password").roles("USER");
}
}
/**
 * Spring Boot entry point with the hawtio console enabled through {@code @EnableHawtio}.
 */
@SpringBootApplication
@EnableHawtio
public class Application {
/**
 * Disables hawtio's built-in authentication, then starts the Spring application.
 *
 * @param args command-line arguments passed through to Spring Boot
 */
public static void main(String[] args) {
// Set before SpringApplication.run so the value is in place when hawtio initialises
// (presumably read at startup; confirm). With this off, Spring Security is the only
// access control in front of the console.
System.setProperty(AuthenticationFilter.HAWTIO_AUTHENTICATION_ENABLED, "false");
SpringApplication.run(Application.class, args);
}
}
Application.java
/**
 * Spring MVC configuration that maps the {@code /login} URL directly to the {@code login}
 * view, so the login page is served without a dedicated controller class.
 */
@Configuration
public class MvcConfig extends WebMvcConfigurerAdapter {
/**
 * Registers a view controller for {@code /login} that renders the view named {@code login}.
 *
 * @param registry the registry the view controller is added to
 */
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/login").setViewName("login");
}
}
/**
 * Spring Security configuration for the application: form login on {@code /login} backed by
 * a single in-memory user.
 */
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
/**
 * Declares which requests require authentication and wires form login and logout.
 *
 * @param http the security builder to configure
 * @throws Exception propagated from the Spring Security configurers
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
// "/" and "/hawtio" are reachable without logging in; every other request requires an
// authenticated user.
// NOTE(review): hawtio's own authentication is switched off elsewhere in this setup, so
// these rules are the only gate in front of the console; confirm "/hawtio" must be public.
// CSRF protection is not touched here, so Spring Security's default applies.
http.authorizeRequests().antMatchers("/","/hawtio").permitAll().anyRequest().authenticated().and()
.formLogin().loginPage("/login")
.permitAll().and().logout().permitAll();
}
/**
 * Registers the in-memory user store used for authentication.
 *
 * @param auth the builder the in-memory user is added to
 * @throws Exception propagated from the authentication builder
 */
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
// NOTE(review): the user name and password are literals in source, and the password is
// given in plain text; suitable for a demo only. Load credentials from external
// configuration and store them hashed before any real deployment.
auth.inMemoryAuthentication().withUser("user").password("password").roles("USER");
}
}
/**
 * Spring Boot entry point with the hawtio console enabled through {@code @EnableHawtio}.
 */
@SpringBootApplication
@EnableHawtio
public class Application {
/**
 * Disables hawtio's built-in authentication, then starts the Spring application.
 *
 * @param args command-line arguments passed through to Spring Boot
 */
public static void main(String[] args) {
// Set before SpringApplication.run so the value is in place when hawtio initialises
// (presumably read at startup; confirm). With this off, Spring Security is the only
// access control in front of the console.
System.setProperty(AuthenticationFilter.HAWTIO_AUTHENTICATION_ENABLED, "false");
SpringApplication.run(Application.class, args);
}
}
pom.xml
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org"
xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity3">
<head>
<title>Spring Security Example </title>
</head>
<body>
<!-- Thymeleaf login view: each message below is shown only when the request carries the
     matching "error" or "logout" parameter. The failure text does not reveal whether the
     user name or the password was wrong. -->
<div th:if="${param.error}">
Invalid username and password.
</div>
<div th:if="${param.logout}">
You have been logged out.
</div>
<!-- Credentials are POSTed to /login under the field names "username" and "password".
     NOTE(review): th:action is presumably what lets the Spring/Thymeleaf integration add the
     hidden CSRF token while CSRF protection is enabled; confirm in the rendered HTML. -->
<form th:action="@{/login}" method="post">
<div><label> User Name : <input type="text" name="username"/> </label></div>
<div><label> Password: <input type="password" name="password"/> </label></div>
<div><input type="submit" value="Sign In"/></div>
</form>
</body>
</html>
<!-- Build parent: supplies the managed versions for the three Spring Boot starters below.
     NOTE(review): the Spring Boot 1.5.x line is end-of-life upstream and no longer receives
     open-source security fixes; verify the support status before reusing this pom. -->
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.8.RELEASE</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<!-- hawtio artifacts carry explicit versions; both are pinned to 1.5.6 so the Spring Boot
     integration and the core console stay on the same release. -->
<dependency>
<groupId>io.hawt</groupId>
<artifactId>hawtio-springboot</artifactId>
<version>1.5.6</version>
</dependency>
<dependency>
<groupId>io.hawt</groupId>
<artifactId>hawtio-core</artifactId>
<version>1.5.6</version>
</dependency>
</dependencies>
org.springframework.boot
要让 hawtio 与 Spring Security 和 Spring Boot 配合使用,需要进行以下更改。你可以找到一个可运行的示例。但是,我无法在 hawtio 菜单栏中更新用户名
配置Spring安全性
以标准方式为应用程序配置Spring安全性,但
hawtio的一些特殊变化:
- 禁用hawtio身份验证
/**
 * Spring Boot entry point with the hawtio console enabled through {@code @EnableHawtio};
 * component scanning is limited to the {@code com.basaki} base package.
 */
@SpringBootApplication
@EnableHawtio
@ComponentScan(basePackages = {"com.basaki"})
public class Application {
/**
 * Disables hawtio's built-in authentication, then starts the Spring application.
 *
 * @param args command-line arguments passed through to Spring Boot
 */
public static void main(String[] args) {
// Set before SpringApplication.run so the value is in place when hawtio initialises
// (presumably read at startup; confirm). With this off, the Spring Security
// configuration is the only access control in front of the console.
System.setProperty(AuthenticationFilter.
HAWTIO_AUTHENTICATION_ENABLED,"false");
SpringApplication.run(Application.class, args);
}
}
- 在应用程序中禁用跨站点请求伪造(CSRF)防护(下面的配置对整个应用关闭了 CSRF 防护,而不仅仅是 hawtio 的路径)
- 确保注销请求URL与
/hawtio/auth/logout/*
匹配。
这是hawtio用来使会话无效的URL
/**
 * Spring Security configuration used together with hawtio: form login on {@code /login},
 * logout bound to hawtio's logout URL, and CSRF protection switched off.
 */
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
...
/**
 * Declares access rules, form login, logout handling and the CSRF setting.
 *
 * @param http the security builder to configure
 * @throws Exception propagated from the Spring Security configurers
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
// Only "/" is public; every other request, including the hawtio console paths, requires
// an authenticated user.
http.authorizeRequests().antMatchers("/").permitAll()
.anyRequest().authenticated()
.and().formLogin().loginPage("/login")
.failureUrl("/login?error")
.permitAll()
// Logout is bound to the URL pattern hawtio requests when the user signs out, so that
// request ends the Spring Security session.
// NOTE(review): the matcher is built without an HTTP method, so it presumably matches
// GET as well as POST; confirm that is acceptable for a logout URL.
.and().logout().logoutRequestMatcher(
new AntPathRequestMatcher(
"/hawtio/auth/logout/*"))
.logoutSuccessUrl("/login?logout")
// NOTE(review): this turns CSRF protection off for every request handled by this
// configuration, not only the hawtio ones. If only hawtio's own requests need the
// exemption, consider csrf().ignoringAntMatchers(...) scoped to those paths instead.
.and().csrf().disable();
}
...
}
登录页面
- 由于您使用的是表单登录,因此需要自定义登录页面。在本例中,使用了
login.html
- 配置
/login
请求以匹配视图login.html
/**
 * Spring MVC configuration that maps the {@code /login} URL directly to the {@code login}
 * view, so the custom login page is served without a dedicated controller.
 */
@Configuration
public class SpringMvcConfiguration extends WebMvcConfigurerAdapter {
/**
 * Registers a view controller for {@code /login} that renders the view named {@code login}.
 *
 * @param registry the registry the view controller is added to
 */
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/login").setViewName("login");
}
...
}
更新hawtio的login.html
一旦您从hawtio页面注销,它会将您带到它自己的登录页面。因为它是一个带有AngularJS的单页应用程序,所以您需要用您自己的基于AngularJS的自定义登录页面替换这个部分页面
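/**
 * Serves a custom replacement for hawtio's built-in login partial, so that the console shows
 * the application's own login form after logout.
 */
@Controller
public class HawtioController {
    private ResourceLoader loader;

    /**
     * @param loader resource loader kept for loading the replacement login page
     */
    @Autowired
    public HawtioController(ResourceLoader loader) {
        this.loader = loader;
    }

    /**
     * Answers requests for hawtio's login partial with the contents of
     * {@code classpath:/templates/login-hawtio.html}.
     *
     * <p>The location is a fixed constant, so no request data influences which resource is
     * read. Responds with 404 when reading the template or writing the response fails with
     * an {@link IOException}.
     *
     * @param response the servlet response the HTML is written to
     */
    @RequestMapping(value = "/hawtio/app/core/html/login.html", method = RequestMethod.GET,
            produces = "text/html;charset=UTF-8")
    public void getHawtioLoginHtml(HttpServletResponse response) {
        String location = "classpath:/templates/login-hawtio.html";
        try {
            String body = getResource(location);
            // The handler writes to the response itself, so the declared "produces" value is
            // not applied to the response. Set the content type and charset explicitly, and
            // do it before getWriter(), which fixes the writer's encoding on first use.
            response.setContentType("text/html;charset=UTF-8");
            response.setStatus(HttpStatus.OK.value());
            response.getWriter().write(body);
            response.getWriter().flush();
            response.getWriter().close();
        } catch (IOException e) {
            response.setStatus(HttpStatus.NOT_FOUND.value());
        }
    }
...
}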
/**
 * Registers the custom hawtio plugin that ships the AngularJS login controller.
 */
@Configuration
public class HawtioConfiguration {
/**
 * Declares the {@code login-plugin} hawtio plugin.
 *
 * @return a plugin descriptor built from the name {@code login-plugin}, the string
 *     {@code /hawtio/plugins}, an empty third argument and the single script
 *     {@code plugin/js/login-plugin.js}
 */
@Bean
public HawtPlugin samplePlugin() {
// NOTE(review): the meaning of the second and third constructor arguments (presumably
// context path and domain) is not visible here; confirm against the HawtPlugin class.
return new HawtPlugin("login-plugin",
"/hawtio/plugins",
"",
new String[]{"plugin/js/login-plugin.js"});
}
}
- 在本例中,使用了
login-hawtio.html
页面
<!-- Replacement for hawtio's login partial, bound to the plugin's LoginController.
     The form is a plain HTML POST to /login using the field names "username" and "password".
     NOTE(review): the form carries no CSRF token field, so it only works while CSRF
     protection is disabled in the Spring Security configuration; if CSRF is re-enabled the
     token has to be added here. Only the password input is marked "required". -->
<div ng-controller="LoginPlugin.LoginController">
<h1 style="color: #78ab46;">Sign in</h1>
<form action="/login" method="post">
<div>
<label style="font-weight: 700; padding-right: 15px;
padding-left: 15px;">Username:
<input id="username" type="text" name="username"
placeholder="Username"/>
</label>
</div>
<div>
<label style="font-weight: 700; padding-right: 15px;
padding-left: 15px;">Password:
<input id="password" type="password"
name="password" required
placeholder="Password"/>
</label>
</div>
<div>
<button type="submit" class="btn btn-default">Sign In</button>
</div>
</form>
</div>
hawtio登录插件
- 需要自定义hawtio插件才能拥有自己的AngularJS登录控制器,
LoginPlugin.LoginController
。它用于在您从 hawtio 的登录页面登录后重定向到 hawtio 的主页
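/**
 * Serves a custom replacement for hawtio's built-in login partial, so that the console shows
 * the application's own login form after logout.
 */
@Controller
public class HawtioController {
    private ResourceLoader loader;

    /**
     * @param loader resource loader kept for loading the replacement login page
     */
    @Autowired
    public HawtioController(ResourceLoader loader) {
        this.loader = loader;
    }

    /**
     * Answers requests for hawtio's login partial with the contents of
     * {@code classpath:/templates/login-hawtio.html}.
     *
     * <p>The location is a fixed constant, so no request data influences which resource is
     * read. Responds with 404 when reading the template or writing the response fails with
     * an {@link IOException}.
     *
     * @param response the servlet response the HTML is written to
     */
    @RequestMapping(value = "/hawtio/app/core/html/login.html", method = RequestMethod.GET,
            produces = "text/html;charset=UTF-8")
    public void getHawtioLoginHtml(HttpServletResponse response) {
        String location = "classpath:/templates/login-hawtio.html";
        try {
            String body = getResource(location);
            // The handler writes to the response itself, so the declared "produces" value is
            // not applied to the response. Set the content type and charset explicitly, and
            // do it before getWriter(), which fixes the writer's encoding on first use.
            response.setContentType("text/html;charset=UTF-8");
            response.setStatus(HttpStatus.OK.value());
            response.getWriter().write(body);
            response.getWriter().flush();
            response.getWriter().close();
        } catch (IOException e) {
            response.setStatus(HttpStatus.NOT_FOUND.value());
        }
    }
...
}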
/**
 * Registers the custom hawtio plugin that ships the AngularJS login controller.
 */
@Configuration
public class HawtioConfiguration {
/**
 * Declares the {@code login-plugin} hawtio plugin.
 *
 * @return a plugin descriptor built from the name {@code login-plugin}, the string
 *     {@code /hawtio/plugins}, an empty third argument and the single script
 *     {@code plugin/js/login-plugin.js}
 */
@Bean
public HawtPlugin samplePlugin() {
// NOTE(review): the meaning of the second and third constructor arguments (presumably
// context path and domain) is not visible here; confirm against the HawtPlugin class.
return new HawtPlugin("login-plugin",
"/hawtio/plugins",
"",
new String[]{"plugin/js/login-plugin.js"});
}
}
login-plugin.js
位于resources/app/webapp/plugin/js
文件夹下
// hawtio plugin that provides the AngularJS controller used by the custom login page.
// Built as an IIFE that extends an existing LoginPlugin object or starts from an empty one.
// The function parameter names below are AngularJS injection names and must not be renamed.
var LoginPlugin = (function(LoginPlugin) {
LoginPlugin.pluginName = 'login-plugin';
LoginPlugin.log = Logger.get('LoginPlugin');
// Angular module for the plugin; depends on hawtioCore and maps the /home route to the
// hawtio index page.
LoginPlugin.module = angular.module('login-plugin', ['hawtioCore'])
.config(function($routeProvider) {
$routeProvider.
when('/home', {
templateUrl: '/hawtio/index.html'
});
});
// On module start: log that the plugin loaded, register its layout and add a top-level tab.
LoginPlugin.module.run(function(workspace, viewRegistry, layoutFull) {
LoginPlugin.log.info(LoginPlugin.pluginName, " loaded");
viewRegistry["login-plugin"] = layoutFull;
workspace.topLevelTabs.push({
id: "LoginPlugin",
content: "Login Plugin",
title: "Login plugin loaded dynamically",
// Always true, so the tab is offered regardless of workspace state.
isValid: function(workspace) { return true; },
href: function() { return "#/login-plugin"; },
isActive: function(workspace) {
return workspace.isLinkActive("login-plugin"); }
});
});
// Controller bound by the login page. It only issues a GET for the hawtio index page and
// does not use the response.
// NOTE(review): no navigation happens in this code itself; confirm how the redirect to the
// hawtio home page is actually achieved. $scope and $rootScope are injected but unused.
LoginPlugin.LoginController = function($scope, $rootScope, $http) {
var fullUrl = "/hawtio/index.html";
$http({method: 'GET', url: fullUrl});
};
return LoginPlugin;
})(LoginPlugin || {});
// Registers the module with hawtio's plugin loader so it is loaded with the console.
hawtioPluginLoader.addModule(LoginPlugin.pluginName);
我已经尝试了您的配置,它按预期工作:Spring 登录表单之后不再出现 hawt.io 登录表单。但当我尝试使用(连接到远程服务器)进行连接时,这不起作用:虽然已经建立了会话,它仍然再次询问凭据。如果我们提供凭据,则会被重定向并收到 404 错误。此错误与上面发布的错误相同。您是否可以把您的项目提交到 GitHub?这样我就能帮助您调试。感谢您的回复,您可以使用这里提供的同一个项目:只要在其他端口创建一个带 jolokia 的虚拟 camel 项目,然后尝试从您的 hawtio 连接,就会出现错误。如果您需要什么,请联系我。我会看一看并让您知道。对于任何 camel 项目,请保留以下 jolokia 功能的依赖关系:org.jolokia jolokia core、org.jolokia jolokia client java 1.3.3、org.jolokia jolokia spring插件 1.1.0