配置修改

spring5-auth/spring5-auth-client/src/main/java/com/yaozhitech/spring5/intercept/ServiceAuthRestInterceptor.java

@@ -47,41 +47,44 @@ public class ServiceAuthRestInterceptor extends HandlerInterceptorAdapter {
 			return super.preHandle(request, response, handler);
 		}
 
-		return super.preHandle(request, response, handler);
+		if (request.getServletPath().startsWith("/actuator")) {
+			return super.preHandle(request, response, handler);
+		}
+		
 
-//		String clientToken = request.getHeader("x-auth-client-" + applicationName);
-//		String client = request.getHeader("x-auth-client");
-//
-//		try {
-//			if (StringUtils.isEmpty(clientToken)) {
-//				String clientName = JwtUtils.getUsername(client);
-//				// authServer校验 客户端是否合法&能否有权限访问
-//				if (Boolean.TRUE.equals(clientAuthProvider.verify(applicationName, clientName.split("\\.")[0],
-//						clientName.split("\\.")[1]))) {
-//					// 给该客户端签名
-//					String signToken = JwtUtils.sign(JwtUtils.generateSalt(), "xP3La8IhZjl4fmWXD.AYVH5tor5bn-Rr",
-//							3600 * 12);
-//					response.addHeader("x-auth-client-response", signToken);
-//
-//					log.info("auth-server verify success, sign with {}", signToken);
-//
-//					return super.preHandle(request, response, handler);
-//				}
-//
-//			} else {
-//				// jwt校验
-//				if (!JwtUtils.isTokenExpired(clientToken)
-//						&& JwtUtils.verifyToken(clientToken, "xP3La8IhZjl4fmWXD.AYVH5tor5bn-Rr") != null) {
-//					log.info("local service jwt verify success");
-//					return super.preHandle(request, response, handler);
-//				}
-//			}
-//
-//		} catch (Exception e) {
-//			log.error(e.getMessage(), e);
-//			throw new ClientForbiddenException("Client verfy error");
-//		}
-//
-//		throw new ClientForbiddenException("Client is Forbidden!");
+		String clientToken = request.getHeader("x-auth-client-" + applicationName);
+		String client = request.getHeader("x-auth-client");
+
+		try {
+			if (StringUtils.isEmpty(clientToken)) {
+				String clientName = JwtUtils.getUsername(client);
+				// authServer校验 客户端是否合法&能否有权限访问
+				if (Boolean.TRUE.equals(clientAuthProvider.verify(applicationName, clientName.split("\\.")[0],
+						clientName.split("\\.")[1]))) {
+					// 给该客户端签名
+					String signToken = JwtUtils.sign(JwtUtils.generateSalt(), "xP3La8IhZjl4fmWXD.AYVH5tor5bn-Rr",
+							3600 * 12);
+					response.addHeader("x-auth-client-response", signToken);
+
+					log.info("auth-server verify success, sign with {}", signToken);
+
+					return super.preHandle(request, response, handler);
+				}
+
+			} else {
+				// jwt校验
+				if (!JwtUtils.isTokenExpired(clientToken)
+						&& JwtUtils.verifyToken(clientToken, "xP3La8IhZjl4fmWXD.AYVH5tor5bn-Rr") != null) {
+					log.info("local service jwt verify success");
+					return super.preHandle(request, response, handler);
+				}
+			}
+
+		} catch (Exception e) {
+			log.error(e.getMessage(), e);
+			throw new ClientForbiddenException("Client verfy error");
+		}
+
+		throw new ClientForbiddenException("Client is Forbidden!");
   }
 }

spring5-order/src/main/resources/application.yml

@@ -1,4 +1,5 @@
 logging:
+  file: /data/logs/order.log
   level:
     root: INFO
     org.springframework.web: INFO
@@ -16,10 +17,7 @@ spring:
   boot:
     admin:
       client:
-        url:
-        - http://127.0.0.1:8022
-        username: admin
-        password: 123456
+        url: http://127.0.0.1:8022
           
   
 password:
@@ -28,5 +26,13 @@ password:
 auth:
   client:
     secret: qx4MXVR9SJm31q2C
-    
+
+
+management:
+  endpoints:
+    web:
+      exposure:
+        include: "*"
+        
+