发表新帖
发表新帖

Spring Boot Actuator Endpoints security doesn't work with custom Spring Security Configuration

后端 未结
关注
4 1408
[愿得一人]
[愿得一人] 2021-02-05 15:19

This is my Spring Boot 1.5.1 Actuator application.properties:

#Spring Boot Actuator
management.contextPath: /actuator
management.security.roles=R_0
4条回答
  • 清酒与你
    清酒与你 (楼主)
    2021-02-05 15:56

    According to this link:

    http://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-monitoring.html

    By default all sensitive HTTP endpoints are secured such that only users that have an ACTUATOR role may access them. Security is enforced using the standard HttpServletRequest.isUserInRole method.

    Use the management.security.roles property if you want something different to ACTUATOR.

    So I think all you have to do is set the following property in application.properties.

    management.security.roles

    Ex:

    management.security.roles=R_0

    0 讨论(0)
 看不清?
提交回复
热议问题