-
Notifications
You must be signed in to change notification settings - Fork 0
Actuator security
Erich Jagomägis edited this page Nov 14, 2023
·
1 revision
Core library provides Spring Actuator endpoint security autoconfiguration. Crendetials are expected via Basic Authetication header.
Core library contains auto-configuration mechanism that configures the actuator endpoint security. In order to enable auto-configuration, simply add property to configuration.
ee.bitweb.core.actuator.security.auto-configuration=true
Following dependencies have to be added as library does not provide transitive dependencies:
// https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-actuator
implementation group: 'org.springframework.boot', name: 'spring-boot-starter-actuator', version: "${springBootVersion}"
// https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-security
implementation group: 'org.springframework.boot', name: 'spring-boot-starter-security', version: "${springBootVersion}"
| Property | Default value | Description |
|---|---|---|
| ee.bitweb.core.actuator.auto-configuration | false | Enable actuator autoconfiguration. |
| ee.bitweb.core.actuator.healthEndpointRoles | ACTUATOR, ANONYMOUS | List of roles allowed to access health endpoints. |
| ee.bitweb.core.actuator.disableUnsafeHealthEndpointWarning | false | |
| ee.bitweb.core.actuator.user.name | actuator-user | User name |
| ee.bitweb.core.actuator.user.password | Random UUID | Password |
| ee.bitweb.core.actuator.user.roles | ACTUATOR | List of Roles assigned to authenticated request. |
To enable feature, change property ee.bitweb.core.actuator.security.enabled to ee.bitweb.core.actuator.security.auto-configuration.