如何在不增加弹簧安全性的情况下访问安全的执行器端点
[英]How to access secure actuator endpoints without adding spring security
问题描述
Actuator "sensitive" endpoints secure since 1.5.x version, is it possible to specify user in properties or yml file and access these endpoints without adding spring security into project? 
从1.5.x版本开始,执行器“敏感”端点是安全的,是否可以在属性或yml文件中指定用户并访问这些端点,而无需在项目中添加spring安全性? I know that there's property management.security.enabled can be set to false to expose endpoints, but want to keep them secure:) 我知道可以将属性management.security.enabled设置为false来公开端点,但是要确保它们的安全性:)
1 个解决方案
解决方案1
0 2018-01-23 13:32:42
Yes you can do it. 是的,你可以做到。 Just add the below lines in src/main/resources/application.properties file. 只需在src / main / resources / application.properties文件中添加以下行。
management.security.enabled=true
security.user.name=admin
security.user.password=admin1
management.security.roles=SUPERUSER
After this, add below dependency in your application pom.xml file. 之后,在您的应用程序pom.xml文件中添加以下依赖项。
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
Restart your application and try to access any sensetive actuator. 重新启动您的应用程序,并尝试访问任何有意义的执行器。 You will be prompted to enter username and password. 系统将提示您输入用户名和密码。 Enter the username and password that you configured in application.priperties. 输入您在application.priperties中配置的用户名和密码。 After entering you will be able to access the sentive actuators. 进入后,您将能够使用传感器。 Hope this helps. 希望这可以帮助。 Happy coding 快乐编码
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.