I have secured (basic authentication) my spring boot application with spring security. I added role MANAGEMENT for users who can use monitoring and management. I set management.security.roles=MANAGEMENT. User with this role can see only status (using health endpoint). If I set management.security.role=MANAGEMENT, everything works (user with this role see all health parameters), but this property is depricated. Am I doing something wrong? Or it is a bug? I have spring boot in version 1.4.0.RELEASE
management.security.roles doesn't work for health endpoint
789 views Asked by grzegrzol At
1
There are 1 answers
Related Questions in SPRING-BOOT
- Multi Tenancy in Spring - Partitioned Data Approach
- I have created a spring boot application with spring data JPA, Rest ,oracle and i am getting this ORA-00933: SQL command not properly ended
- Springboot: How to get an entity optional property and check null?
- How to create jasper report in spring boot rest api with jpa
- JSON Body is Not Passing Certain Strings
- Unresolved reference error is showing up after adding the dgs codegen plugin successfully
- Transaction silently rolled back
- JPA buddy error when generating JPA Entities from DB
- Migrating Spring Boot 2 to 3 throws org.glassfish.jaxb.runtime.v2.runtime.IllegalAnnotationsException: 3 counts of IllegalAnnotationExceptions
- Hibernate SQL Error: Missing FROM-clause entry for table "th1_1"
- Appwrite and / or Spring Boot Backend
- Failed to configure a DataSource: 'url' attribute is not specified and no embedded datasource could be configured. I'm using Postgresql
- Driver com.microsoft.sqlserver.jdbc.SQLServerDriver claims to not accept jdbcUrl, ${SPRING_DATASOURCE_URL}: GitHub Actions
- springboot class org.hibernate.mapping.Bag cannot be cast to class org.hibernate.mapping.SimpleValue
- Spring security causing 404 with message "No static resource login"
Related Questions in SPRING-SECURITY
- How do I propagate the current SecurityContext to my @RabbitListener in Spring Boot?
- Spring security causing 404 with message "No static resource login"
- Spring JPA Data Auditing - How to design it?
- Spring 3 - Security: How to rebuild authManager () usage?
- Error: Cannot invoke "jakarta.servlet.http.HttpSession.getAttribute(String)" because "session" is null
- how to use ldap authentication with permission taken from db without needing password in UserDetails
- This error occurred when using springsecurity for database user verification: IllegalArgumentException
- Issue with configuring SpringSecurity to allow URLs in FilterChain
- getting React Hook "useSetupInterceptors" cannot be called at the top level when try to use useSignOut hook
- Spring Authorization Server `JdbcOAuth2AuthorizationService` does not save custom User object
- Customize Authorization Code claims with Spring OAuth2 Authorization Server 3.2.4
- Spring Security Reactive OAuth2 Client: Options for Customizing Refresh Endpoint
- Repository injection in an handler spring boot class performance
- Spring Security mix form based and http basic authentication
- SecurityContextHolder.getContext().getAuthentication() is null
Related Questions in SPRING-BOOT-ACTUATOR
- How to prevent SqsListener from spamming error logs
- Java Spring Boot get list of exposed actuator endpoints
- Custom path for "/actuator/health/liveness" and "/actuator/health/readiness" endpoints
- 4xx/5xx count metric by exception type
- Why is the monitoring interface time (TOTAL_TIME) so large when using Spring Boot Actuator to monitor the API of a Java web project?
- SpringBoot Actuator version 1.X readiness and liveness probes
- Does Springboot @RefreshScope work with records
- Send metrics to DataDog using micrometer-registry-otlp instead of micrometer-registry-datadog
- Try to change the logger level at the root level
- Add a custom field in a Prometheus default metrics endpoint (actuator/prometheus) , using Spring Cloud Gateway
- How do I expose Actuator endpoints in Swagger UI?
- circular reference in my spring boot 3 application : The dependencies of some of the beans in the application context form a cycle
- How to set application path as actuator base path (@ApplicationPath)
- org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'processorMetrics' defined in class path resource
- ClassNotFoundException io.micrometer.tracing.Tracer for new Spring Boot project
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
It seems that in 1.4.0 you need to use
management.security.role(singular) I had issues with 1.4.2 and 1.4.3 that only usemanagement.security.roles(plural).I wish I would have found some documentation about the change before running into it when updating Spring Boot from 1.4.0 to 1.4.3