Spring Cloud Config Server 在运行 main() 时不强制执行 BASIC 身份验证

Question

I have configured a Spring Cloud Config server to force BASIC authentication and here is my application.yml file:

# Config Repo:
spring:
  cloud:
    config:
      server:
        git:
          uri: file:///${HOME}/microservices_config_repo

# Show sensitive information for endpoints:
endpoints:
  sensitive: true

# Security for endpoints:
management:
  security:
    enabled: true

security:
  user:
    name: user1
    password: changeme

My issue I am having is that when I start the server up as: mvn spring-boot:run

The server endpoints FORCE BASIC Authentication. But when I start the Application.main() method, BASIC Authentication is enabled, but NOT enforced.

Meaning I can access configuration on: http://localhost:8888/client-config and http://user1:changeme@localhost:8888/client-config

Can anyone help me understand why this is occuring and how to enforce BASIC Authentication while running the Application.main(), and not just through the Maven spring-boot plugin?

Note, when I use maven to package the app into a jar, then run the generated jar, BASIC Authentication is enforced, but still not through the IDE running just the Application.main directly.

Answer 1

Maybe the format the oy Yaml for example to me seems works like this:

server:
  port:9999
spring:
  application:
    name: config-server-sample
  cloud:
    config:
      name: ${spring.application.name}
      fail-fast: true
      server:
        git:
          uri: url
          username: xx
          password: zz
          default-label: master
          basedir: '${user.home}/${spring.application.name}/default'
          timeout: 10
          clone-on-start: true
          force-pull: true
  security:
    basic:
        enabled: true
    path: /**
    ignored: /health**,/info**,/metrics**,/trace**
    user:
       name: admin
       password: tupassword