在 Spring Boot Admin (SBA) Server 注册后,客户端的某些执行器会使用 http://springapplication.com/actuator 而不是 https://springapplication .com/执行器。
为什么它将端点更改为 HTTP 而不是停留在 HTTPS?是否可定制?
这里有一些日志和 Java/YML 文件。
日志:
2018-07-02 06:13:27.683 INFO 3194 --- [-client-epoll-7] d.c.b.a.server.services.StatusUpdater : Couldn't retrieve status for Instance(id=0d47f12b0a94, version=57, registration=Registration(name=springbootapplication-Name, managementUrl=https://springbootapplication.com/actuator, healthUrl=https://springbootapplication.com/actuator/health, serviceUrl=https://springbootapplication.com, source=http-api), registered=true, statusInfo=StatusInfo(status=UP, details={}), statusTimestamp=2018-07-02T05:06:08.423Z, info=Info(values={}), endpoints=Endpoints(endpoints={httptrace=Endpoint(id=httptrace, url=http://springbootapplication.com/actuator/httptrace), flyway=Endpoint(id=flyway, url=http://springbootapplication.com/actuator/flyway), loggers=Endpoint(id=loggers, url=http://springbootapplication.com/actuator/loggers), health=Endpoint(id=health, url=https://springbootapplication.com/actuator/health), env=Endpoint(id=env, url=http://springbootapplication.com/actuator/env), heapdump=Endpoint(id=heapdump, url=http://springbootapplication.com/actuator/heapdump), scheduledtasks=Endpoint(id=scheduledtasks, url=http://springbootapplication.com/actuator/scheduledtasks), mappings=Endpoint(id=mappings, url=http://springbootapplication.com/actuator/mappings), beans=Endpoint(id=beans, url=http://springbootapplication.com/actuator/beans), configprops=Endpoint(id=configprops, url=http://springbootapplication.com/actuator/configprops), threaddump=Endpoint(id=threaddump, url=http://springbootapplication.com/actuator/threaddump), metrics=Endpoint(id=metrics, url=http://springbootapplication.com/actuator/metrics), conditions=Endpoint(id=conditions, url=http://springbootapplication.com/actuator/conditions), auditevents=Endpoint(id=auditevents, url=http://springbootapplication.com/actuator/auditevents), info=Endpoint(id=info, url=http://springbootapplication.com/actuator/info), jolokia=Endpoint(id=jolokia, url=http://springbootapplication.com/actuator/jolokia)}), buildVersion=null)
Application.yml(服务器):
server:
port: 5100
spring:
security:
user:
name: admin
password: password
SecuritySecureConfig.java(服务器):
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import de.codecentric.boot.admin.server.config.AdminServerProperties;
@Configuration
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
private final String adminContextPath;
public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
this.adminContextPath = adminServerProperties.getContextPath();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
http.authorizeRequests().antMatchers(adminContextPath + "/assets/**").permitAll()
.antMatchers(adminContextPath + "/login").permitAll().anyRequest().authenticated().and().formLogin()
.loginPage(adminContextPath + "/login").successHandler(successHandler).and().logout()
.logoutUrl(adminContextPath + "/logout").and().httpBasic().and().csrf().disable();
}
}
SpringBootAdminApplication.java(服务器):
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.PropertySource;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import de.codecentric.boot.admin.server.config.EnableAdminServer;
@EnableAutoConfiguration
@EnableWebSecurity
@EnableAdminServer
@SpringBootApplication(scanBasePackages = "administration")
@PropertySource(value = "META-INF/build-info.properties", ignoreResourceNotFound = true)
public class SpringBootAdminApplication {
private static final Logger log = LoggerFactory.getLogger(SpringBootAdminApplication.class);
public static void main(final String[] args) {
SpringApplication.run(SpringBootAdminApplication.class, args);
}
}
Application.yml(客户端):
spring:
application:
name: springapplication
boot:
admin:
client:
username: ${application.security.usernameAdmin}
password: ${application.security.passwordAdmin}
url: "https://springBootAdminServerURL.com"
instance:
service-base-url: https://http://springapplication.com/
metadata:
user.name: ${application.security.usernameAdmin}
user.password: ${application.security.passwordAdmin}
management:
endpoints:
web:
exposure:
include: "*"
application:
security:
usernameAdmin: admin
passwordAdmin: password
最佳答案
我遇到了同样的问题。查看您的应用程序 /actuator 端点。它是否将 url 报告为 http?它对我有用,即使 health 使用 https。为我解决的是添加 server.use-forward-headers=true ,它添加了所有 X-Forwarded-*,包括 X-Forwared-Proto 标识方案 (http/https)。
请记住,如果您的应用程序位于 NGINX 等反向代理之后,您还需要进行配置。 NGINX 示例
location / {
proxy_set_header X-Forwarded-Proto $scheme;
...
}
关于java - Spring Boot Admin 使用 HTTP 而不是 HTTPS Actuator Endpoints,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51136734/