spring.security.user.name: adminspring.security.user.password: admin @Confi

1. spring.security.user.name: admin
2. spring.security.user.password: admin
3.  
4. @Configuration
5. public class SecurityConfig extends WebSecurityConfigurerAdapter {
6.  
7. private final String adminContextPath;
8.  
9. public SecurityConfig(AdminServerProperties adminServerProperties) {
10. this.adminContextPath = adminServerProperties.getContextPath();
11. }
12.  
13. @Autowired
14. private LDAPConfig ldapConfig;
15.  
16. /**
17. * Configure LDAP as AuthN manager.
18. * @param auth
19. * @throws Exception
20. */
21. @Override
22. protected void configure(AuthenticationManagerBuilder auth) throws Exception {
23.  
24. try {
25. auth
26. .eraseCredentials(false)
27. .ldapAuthentication()
28. .ldapAuthoritiesPopulator(new DSTLdapAuthoritiesPopulator())
29. .userDnPatterns(ldapConfig.getUserDnPatterns())
30. .contextSource()
31. .url(ldapConfig.getUrl());
32.  
33. } catch (Exception e) {
34. throw new BeanInitializationException("Security configuration failed", e);
35. }
36.  
37. }
38.  
39. /**
40. * Taken from official example: http://codecentric.github.io/spring-boot-admin/2.0.4/#_securing_spring_boot_admin_server
41. * Configure login page.
42. */
43. @Override
44. protected void configure(HttpSecurity http) throws Exception {
45.  
46. http.httpBasic();
47.  
48. if (ldapConfig.isEnabled()) {
49. // @formatter:off
50. SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
51. successHandler.setTargetUrlParameter("redirectTo");
52. successHandler.setDefaultTargetUrl(adminContextPath + "/");
53.  
54. http.authorizeRequests()
55. .antMatchers(adminContextPath + "/assets/**").permitAll()
56. .antMatchers(adminContextPath + "/login").permitAll()
57. .anyRequest().authenticated()
58. .and()
59. .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
60. .logout().logoutUrl(adminContextPath + "/logout").and()
61. .httpBasic().and()
62. .csrf()
63. .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
64. .ignoringAntMatchers(
65. adminContextPath + "/instances",
66. adminContextPath + "/actuator/**"
67. );
68. // If grant-access-to-groups is not configured in application.yml, any WSS-MASTER users are allowed to login to BootAdmin
69. if( ldapConfig.getGrantAccessToGroups() == null ) {
70. http.authorizeRequests().antMatchers("/**").authenticated();
71. } else {
72. // Only users in the group are allowed to login to BootAdmin.
73. // secure all access to only a certain group of users
74. http.authorizeRequests().antMatchers("/**").hasAnyRole(ldapConfig.getGrantAccessToGroups());
75. }
76. }
77.  
78. }
79.  
80. }
81.  
82. management.endpoints.web.base-path=/manage
83. spring.boot.admin.client.url=http://localhost:8081
84. management.endpoints.web.exposure.include=*
85. management.endpoint.health.show-details=always
86.  
87. # Secure the registration at the server.
88. spring.boot.admin.client.username=admin
89. spring.boot.admin.client.password=admin
90.  
91. # This secures the client endpoints
92. spring.security.user.name=admin
93. spring.security.user.password=admin
94.  
95. # These are used by the server to access protected endpoints.
96. spring.boot.admin.client.instance.metadata.user.name=admin
97. spring.boot.admin.client.instance.metadata.user.password=admin