Skip to content

I
ibzou
提交 f075b826 编写于 作者: ibizdev's avatar ibizdev
浏览文件
操作

laizhilong 部署微服务接口

上级 a1583e4e
隐藏空白字符变更
内嵌 并排
正在显示 包含 50 行增加9 行删除
config.xml
浏览文件 @ f075b826
......@@ -37,6 +37,11 @@
git clone -b master $para2 ibzou/
export NODE_OPTIONS=--max-old-space-size=4096
cd ibzou/
mvn clean package -Papi
cd ibzou-provider/ibzou-provider-api
mvn -Papi docker:build
mvn -Papi docker:push
docker -H $para1 stack deploy --compose-file=src/main/docker/ibzou-provider-api.yaml ibzlab-rt --with-registry-auth
</command>
</hudson.tasks.Shell>
</builders>
......
ibzou-provider/ibzou-provider-api/src/main/docker/Dockerfile
浏览文件 @ f075b826
......@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBZ_SLEEP}s..." && \
sleep ${IBZ_SLEEP} && \
java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzou-provider-api.jar
EXPOSE 8081
EXPOSE 40001
ADD ibzou-provider-api.jar /ibzou-provider-api.jar
ibzou-provider/ibzou-provider-api/src/main/docker/ibzou-provider-api.yaml
浏览文件 @ f075b826
......@@ -3,9 +3,21 @@ services:
ibzou-provider-api:
image: registry.cn-shanghai.aliyuncs.com/ibizsys/ibzou-provider-api:latest
ports:
- "8081:8081"
- "40001:40001"
networks:
- agent_network
environment:
- SPRING_CLOUD_NACOS_DISCOVERY_IP=172.16.180.237
- SERVER_PORT=40001
- SPRING_CLOUD_NACOS_DISCOVERY_SERVER-ADDR=172.16.102.211:8848
- SPRING_REDIS_HOST=172.16.100.243
- SPRING_REDIS_PORT=6379
- SPRING_REDIS_DATABASE=0
- SPRING_DATASOURCE_USERNAME=a_A_5d9d78509
- SPRING_DATASOURCE_PASSWORD=@6dEfb3@
- SPRING_DATASOURCE_URL=jdbc:mysql://172.16.180.232:3306/a_A_5d9d78509?autoReconnect=true&useUnicode=true&characterEncoding=UTF-8&useOldAliasMetadataBehavior=true
- SPRING_DATASOURCE_DRIVER-CLASS-NAME=com.mysql.jdbc.Driver
- SPRING_DATASOURCE_DEFAULTSCHEMA=a_A_5d9d78509
deploy:
mode: replicated
replicas: 1
......
ibzou-provider/ibzou-provider-api/src/main/java/cn/ibizlab/api/config/apiSecurityConfig.java
浏览文件 @ f075b826
......@@ -40,6 +40,21 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
AuthorizationTokenFilter authenticationTokenFilter;
@Value("${ibiz.auth.path:v7/login}")
private String loginPath;
@Value("${ibiz.auth.logoutpath:v7/logout}")
private String logoutPath;
@Value("${ibiz.file.uploadpath:ibizutil/upload}")
private String uploadpath;
@Value("${ibiz.file.downloadpath:ibizutil/download}")
private String downloadpath;
@Value("${ibiz.file.previewpath:ibizutil/preview}")
private String previewpath;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
......@@ -67,13 +82,16 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity
httpSecurity
// 禁用 CSRF
.csrf().disable()
// 授权异常
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
// 不创建会话
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
// 过滤请求
.authorizeRequests()
.antMatchers(
......@@ -88,15 +106,21 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
"/**/fonts/**",
"/**/js/**",
"/**/img/**",
"/",
"/webjars/**",
"/swagger-resources/**",
"/v2/**"
"/"
).permitAll()
// 服务中暂时只为重构用户身份,不进行身份认证
.anyRequest().permitAll()
//放行登录请求
.antMatchers( HttpMethod.POST,"/"+loginPath).permitAll()
//放行注销请求
.antMatchers( HttpMethod.GET,"/"+logoutPath).permitAll()
// 文件操作
.antMatchers("/"+downloadpath+"/**").permitAll()
.antMatchers("/"+uploadpath).permitAll()
.antMatchers("/"+previewpath+"/**").permitAll()
// 所有请求都需要认证
.anyRequest().authenticated()
// 防止iframe 造成跨域
.and().headers().frameOptions().disable();
httpSecurity
.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
}
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册