Reputation: 485
Turn off actuator security for spring-boot
I am following a spring-boot tutorial on lynda.com https://www.lynda.com/Spring-tutorials/Spring-Boot-Actuator/653258/709599-4.html?autoplay=true And the presenter simply says turn off the management security This is what the application.yml looks like
management:
security:
enabled: false
---
spring:
profiles: dev
server:
port:8000
---
spring:
profiles: test
server:
port:9000
And this is what main class looks like
package com.frankmoley.boot.essentials.initialbootapp;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@SpringBootApplication
public class InitialBootAppApplication {
public static void main(final String[] args) {
SpringApplication.run(InitialBootAppApplication.class, args);
}
@RestController
@RequestMapping("/api")
public class ApiController {
@GetMapping("/greeting")
public String getGreeting() {
return "Hey, this is my custom string message!!!";
}
}
}
Now, there is no explicit login he goes through or authentication taking place here. And if the security is turned off, it should let me see the localhost:8080/mappings and localhost:8080/health should also show me the entire message. But, I dont see the extra information. In my logs, I see this text
2018-07-31 13:35:01.048 INFO 5068 --- [nio-8080-exec-2] s.b.a.e.m.MvcEndpointSecurityInterceptor : Full authentication is required to access actuator endpoints. Consider adding Spring Security or set 'management.security.enabled' to false.
Is there a way to set the application.yml somewhere as the default properties file, what am I missing here ?
Upvotes: 0
Views: 4449
Answers (1)
Reputation: 1622
You probably have mistake in your yml file. Add indentation for "enabled".
management:
security:
enabled: false
Or you can use property files (.properties), this may be more readable for you:
management.security.enabled=false
Upvotes: 4
Related Questions
- SpringBoot 2 Actuator with Spring Security
- How to disable actuator security without disabling it totally with Spring Boot 2
- Disable webflux (reactive) security for actuator health endpoint
- Spring boot and Spring Actuator - disable security
- Configure security for Spring Boot 2.0 acuator framework
- Disable security for Springboot actuator endpoint /env
- Spring Boot can't intercept actuator access
- Spring: Configure security for actuator endpoints with Spring Security
- How to provide actuator security in non spring-security spring boot project
- Spring Boot Actuator lock-out policy implementaion