注册中心配置了spring-security后客户端启动报错

注册中心配置了security后, 报了 registration failed Cannot execute request on any known server 的错误, 原因是 2.1版本的security默认加上了 csrf 拦截, 所以需要通过重写方法, 把csrf拦截禁用

在启动类上加上以下代码(禁用csrf)即解决问题

@EnableWebSecuritystatic class WebSecurityConfig extends WebSecurityConfigurerAdapter {    @Override    protected void configure(HttpSecurity http) throws Exception {        http.csrf().disable()        .authorizeRequests()        .anyRequest()        .authenticated()        .and()        .httpBasic();    }}

完整代码如下:

/** * @author 毛宇鹏 */@EnableEurekaServer@SpringBootApplication(exclude={        DataSourceAutoConfiguration.class,        HibernateJpaAutoConfiguration.class})public class RegisterApplication {    public static void main(String[] args) {        SpringApplication.run(RegisterApplication.class, args);    }    /**     * 2.1版本的security默认加上了 csrf 拦截, 所以需要通过重写方法, 把csrf拦截禁用     * 参考: https://github.com/spring-cloud/spring-cloud-netflix/issues/2754     * <pre>     *     This is because @EnableWebSecurity is now added by default when Spring Security is on the classpath.     *     This enable CSRF protection by default. You will have the same problem in 1.5.10 if you add @EnableWebSecurity.     *     One work around, which is not the most secure workaround if you have browsers using the Eureka dashboard, is to disable CSRF protection.     *     This can be done by adding the following configuration to your app.     * </pre>     */    @EnableWebSecurity    static class WebSecurityConfig extends WebSecurityConfigurerAdapter {        @Override        protected void configure(HttpSecurity http) throws Exception {            http.csrf().disable()            .authorizeRequests()            .anyRequest()            .authenticated()            .and()            .httpBasic();        }    }}