Securing the Eureka Server
The last bastion to secure is our Eureka Server. To do so, we need to adopt similar steps to what we did with the Config Server.
First, add Spring Security to the Eureka Server, as follows:
compile('org.springframework.boot:spring-boot-starter-security')
This preceding dependency will enable Spring Security automatically. However, just like Config Server, it will generate a random password every time it launches. To pin the password, we need to add the same UserDetailsService
bean as follows:
@Bean UserDetailsService userDetailsService() { return new InMemoryUserDetailsManager( User .withUsername("user") .password("password") .roles("USER").build()); }
The recommended way to plug in the username/password settings for a Eureka client is by using the URL notation. For the chat
service, we need to update the Config Server with this:
eureka: client: serviceUrl: defaultZone: http://user:password@localhost...