springboot actuator 配置密码
时间: 2023-10-20 09:08:56 浏览: 42
要配置Spring Boot Actuator密码,可以按照以下步骤进行操作:
1. 在`application.properties`文件中添加以下配置:
```
management.endpoints.web.exposure.include=*
management.endpoint.health.show-details=always
management.endpoint.info.enabled=true
management.endpoint.metrics.enabled=true
management.endpoint.prometheus.enabled=true
management.endpoint.logfile.enabled=true
management.endpoint.shutdown.enabled=true
management.endpoints.web.base-path=/actuator
management.security.enabled=true
management.security.roles=ACTUATOR_ADMIN
```
2. 在`pom.xml`文件中添加Spring Security依赖:
```
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
```
3. 创建一个Spring Security配置类,例如:
```
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class ActuatorSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/actuator/**").hasRole("ACTUATOR_ADMIN")
.and()
.httpBasic();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("admin")
.password("{noop}password")
.roles("ACTUATOR_ADMIN");
}
}
```
该类会启用Spring Security,并配置用户名和密码,以及允许访问Actuator端点的角色。
4. 启动应用程序并尝试访问`/actuator`端点。您将被提示输入用户名和密码才能访问Actuator端点。