Unauthorized in spring boot admin

Question

I wanted to control the microservices that are running in the Eureka server. I used spring-boot-admin for this, but I am getting the error on accessing the information about the

Answer 1

It's better to setup security by credentials username and password for most of endpoints listed here: https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-endpoints.html

Exceptions from the rule are health and info endpoints which won't be protected by credentials.

You can set username and password in application.properties like that:

security.user.name=admin
security.user.password=secret

Answer 2

I'm of the opinion that disabling the security to all sensitive endpoints isn't the way to go.

I had this issue while accessing /metrics and apparently, I was missing the spring-boot-starter-security dependency:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

After adding the dependency to my pom.xml, and assuming that I have the following on my application.yml

...
security:
    user:
        name: myActuatorUser
        password: myActuatorPwd
...

I was able to access my /metrics endpoint.

Answer 3

I have had a similar issue. On my spring boot application we had a cors filter to block Http Head requests. So head requests cannot be accepted.

• Check Javascript console log and application log.

• Setting management.security.enabled=false in the application.properties also necessary.

Answer 4

Setting management.security.enabled=false in the application.properties will disable the security on the endpoints.