“This is my fourth day of participating in the First Challenge 2022. For more details: First Challenge 2022.”
Spring Boot Admin (SBA) is an open source community project for managing and monitoring Spring Boot applications, It provides detailed health information, memory information, JVM system and environment properties, garbage collection information, log setup and viewing, scheduled task viewing, Spring Boot cache viewing and management, and more. The SBA monitoring overview is as follows:
- The alarm function of the monitored Spring Boot project is indispensable because we cannot always watch the SBA monitoring system, but we need to know in the first time when there is a problem with the system.
- By default, SBA can be used without permission verification, that is, all users can use the address normally if they know it. This does not meet the security requirements of the production system, so user authorization is also essential.
Let’s look at the concrete implementation of the above functions.
1. Add alarm reminder function
Alarm reminder function is based on the mailbox, of course, you can also use other reminder functions, such as the nail or flying book robot reminder is also ok, but the mailbox alarm function is the lowest cost, so this article we look at the concrete realization of the mailbox alarm reminder function.
1.1 Adding the Mail Support framework
Add the following configuration to the SBA dependency file pom.xml:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-mail</artifactId>
</dependency>
Copy the code1.2 Configuring Receiving and Sending Email Addresses
In the SBA configuration file application.properties, add the following configuration for receiving and sending mailboxes:
# configuration send email [email protected] # configuration receive email SMTP email [email protected] # configuration Address (the fixed host of qq email is smtp.qq.com) spring.mail.host=smtp.qq.com Password = XXXXXX # configure the account name of the email (this is the account name of the email) [email protected]Copy the code1.2.1 Enabling the SMTP service
SMTP is a protocol that provides reliable and efficient E-mail transmission. The SMTP service must be enabled for the email box to be sent. Otherwise, the email sending function cannot be implemented. If you are using QQ email refer to the following configuration, open QQ email, find the IMAP/SMTP service in the email account Settings and enable it, as shown in the picture below:
1.2.2 Generating an Authorization Code
The email to be sent should generate an email authorization code. Take QQ email as an example, find “Generate authorization Code” in the account Settings of the email and click to generate it, as shown in the picture below:
1.3 Email alarm test
After the above configuration, ** no need to add any code!! No code to add!! No code to add!! ** can realize the project status change email notification function. Let’s test, close my local monitored Spring Boot project, and the mailbox will receive the offline message of the project, as shown in the picture below:
1.4 Precautions
Precautions for alarm function are as follows:
- The SMTP service must be enabled on the email box that sends emails.
- You do not need to set a password for sending email. You only need to set an email authorization code for the configuration item Spring.mail. password.
- The sending and receiving email addresses can be the same.
- SBA mailbox alarm reminder function does not need to add any code, just need to add the corresponding framework support, and then configure the correct receiving and sending mailbox.
1.5 Configuring Multiple Alarm notification mailboxes
Alarm function of the project, usually need to notify the relevant person in charge of a group of, rather than a person, such as might notice, head of operations, procedures, and the project manager, etc., and SBA people remind email configuration is also very easy, only need in the configuration file of SBA add multiple receives an E-mail, between multiple E-mail use commas in English, The configuration is as follows:
# configuration receiving mailboxes spring. The boot. Admin. Notify. Mail. To = XXX@qq.com,yyy@qq.com
Copy the code2. Set the access permission
SBA does not have permission authentication by default, but the production environment must configure permission authentication. Here, we add the Spring Security framework to achieve permission interception, as follows.
2.1 Adding Security Framework Support
Add the following configuration to the SBA dependency file pom.xml:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
Copy the code2.2 Setting the Login Account
Add the following configuration to the SBA configuration file application.properties:
# set the login user name, password and role spring. Security. The user. The name = java666 spring. Security. The user. The password = java666 spring.security.user.roles=SBA_ADMINCopy the code2.3 Setting Permission Resources
Next in the SBA project, add the following resource Settings classes as shown in the following code (to be used by copying directly into the project) :
import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
@EnableWebSecurity
@Configuration(proxyBeanMethods = false)
public class AdminSecurityConfig extends WebSecurityConfigurerAdapter {
private final String adminContextPath;
public AdminSecurityConfig(AdminServerProperties adminServerProperties) {
this.adminContextPath = adminServerProperties.getContextPath();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(adminContextPath + "/");
http.authorizeRequests()
.antMatchers(adminContextPath + "/assets/**").permitAll()
.antMatchers(adminContextPath + "/login").permitAll()
.antMatchers(adminContextPath + "/instances/**").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
.logout().logoutUrl(adminContextPath + "/logout").and()
.httpBasic().and()
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringAntMatchers(
adminContextPath + "/instances",
adminContextPath + "/actuator/**"
);
}
@Override
public void configure(WebSecurity web) {
web.ignoring().antMatchers("/actuator/**"); }}Copy the code2.4 visit the SBA
At this point, you need to enter the user name and password to access the SBA monitoring system, as shown below:
conclusion
SBA alarm reminder function only needs to add the mail sending framework, configure the right to receive and send mail, without adding any code can realize the alarm reminder function, and alarm reminder mailbox can be configured multiple. SBA can implement user permission validation by adding Spring Security.
Judge right and wrong from yourself, praise to listen to others, gain and loss in the number.
Public number: Java interview analysis
Interview collection: gitee.com/mydb/interv…