无法使执行器端点在传统 Spring 引导项目中工作 - 获取身份验证页面
[英]Unable to make actuator endpoints working in a legacy Spring boot project - getting authentication page
问题描述
Spring boot actuator is already included in the POM, and it shows in the startup logs. 
Spring boot 执行器已包含在 POM 中,并显示在启动日志中。 However, when I try to access /actuator or even the base url of my project, I get the following -但是,当我尝试访问 /actuator 甚至我项目的基本 url 时,我得到以下信息 -
{
"timestamp": 1577096144986,
"status": 401,
"error": "Unauthorized",
"message": "Full authentication is required to access this resource",
"path": "/actuator"
}
I read that there could be basic HTTP authentication set for the end points.我读到可以为端点设置基本的 HTTP 身份验证。 I looked for spring.security.user.name, password in the config properties, but could not find any.我在配置属性中寻找 spring.security.user.name, password ,但找不到任何。
If I hit http://localhost:8083/actuator , or even http://localhost:8083/ or any URL other the mapped API end points, it seems, I get this password prompt on browser -如果我点击http://localhost:8083/actuator ,甚至是http://localhost:8083/或任何其他映射 API 端点的 URL,我似乎在浏览器上收到此密码提示 -
On application logs, I get this -在应用程序日志上,我得到了这个 -
2019-12-23 19:30:54,489 75773 [XNIO-3 task-3] INFO c.c.common.web.LoggerInterceptor [LoggerInterceptor.java:42] - Visitor [okp91Dj1NzT2KPPUjaUvhqEg4oOhwPQ49I9LTR2z] [GET] [/error] [1ms] [OK]
2019-12-23 19:30:54,493 75777 [XNIO-3 task-3] ERROR org.apache.velocity [CommonsLogLogChute.java:96] - ResourceManager : unable to find resource 'error.vm' in any resource loader.
On entering credentials, it fails and the password prompt appears again, with the same logs as above repeated.在输入凭据时,它失败并再次出现密码提示,并重复上述相同的日志。
Updates更新
Spring boot version - 1.5.2.RELEASE. Spring 引导版本 - 1.5.2.RELEASE。
There is a web.xml inside /src/main/resources. /src/main/resources 中有一个 web.xml。 It has following -它有以下——
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath*:META-INF/spring/applicationContext*.xml
classpath*:com.packagename
/WEB-INF/spring/oauth-security.xml
/WEB-INF/spring/security-config.xml
classpath*:META-INF/gateway/*.xml
</param-value>
</context-param>
I could locate the oauth-security.xml and security.xml files in this microservice component.我可以在这个微服务组件中找到 oauth-security.xml 和 security.xml 文件。
oauth-security.xml has oauth scopes based definitions for API paths - oauth-security.xml 具有基于 oauth 范围的 API 路径定义 -
<sec:http pattern="/service/v2/**"
create-session="never"
entry-point-ref="oauthAuthenticationEntryPoint"
access-decision-manager-ref="accessDecisionManager">
<sec:intercept-url pattern="/some/path/v2/profile/**" access="ROLE_USER,SCOPE_PROFILE" method="GET"/>
I see security-config.xml which imports webmvc-config.xml.我看到导入 webmvc-config.xml 的 security-config.xml。
I see some of these in security-config.xml -我在 security-config.xml 中看到了其中一些 -
<sec:http pattern="/somepath/**">
<sec:intercept-url pattern="/somepath/**" access="ROLE_USER"/>
<sec:http-basic/>
</sec:http>
but I don't see any configurations for /** paths anywhere.但我在任何地方都没有看到 /** 路径的任何配置。
Update 2更新 2
I checked that there seem to be auth configurations in a file called customscopes.properties as well, which seems to be a custom file, added to webmvc-config.xml like this -我检查了一个名为 customscopes.properties 的文件中似乎也有 auth 配置,这似乎是一个自定义文件,添加到 webmvc-config.xml 像这样 -
<bean id="propertyConfigurer"
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
<property name="ignoreResourceNotFound" value="true" />
<property name="locations">
<list>
<value>classpath:/spring/application.properties</value>
<value>classpath:/spring/local.properties</value>
<value>classpath:/spring/customscopes.properties</value>
<value> file:${project.config.dir}/application.properties </value>
<value>file:${project.config.dir}/customscopes.properties</value>
</list>
</property>
</bean>
customscopes.properties has urls like these - customscopes.properties 有这样的网址 -
service/v2/path/**=SCOPE_SOMETHING; service/v2/path/**=SCOPE_SOMETHING;
At the same, time, there is the same url in oauth-security.xml -同时,oauth-security.xml中也有相同的url——
<sec:intercept-url pattern="/service/v2/path/**" access="SCOPE_SOMETHING"/>
I am not sure why there are two sets of configs.我不确定为什么有两组配置。 I tried changing those one by one, while keeping the other with authentication.我尝试一个一个地更改这些,同时保持另一个身份验证。 I observed that only changing the customscopes.properties affected -我观察到仅更改 customscopes.properties 会受到影响 -
service/v2/path/**=IS_AUTHENTICATED_ANONYMOUSLY;
I am new to Spring Security as well.我也是 Spring Security 的新手。 I checked this video tutorial but could not find those mentioned config methods in my project.我检查了这个视频教程,但在我的项目中找不到那些提到的配置方法。 There is no mention of WebSecurityConfigurerAdapter.没有提到 WebSecurityConfigurerAdapter。
However, adding the path for actuator/** on both these files, with IS_AUTHENTICATED_ANONYMOUSLY did not work - 401 error as shown in the beginning.但是,在这两个文件上添加执行器 /** 的路径,使用 IS_AUTHENTICATED_ANONYMOUSLY 不起作用 - 如开头所示的 401 错误。
Update 3更新 3
Oh, another thing - security-config.xml contains哦,另一件事 - security-config.xml 包含
<sec:http pattern="/favicon.ico" security="none"/>
And I see a difference in the logs when I access http://localhost:8083/actuator/ and http://localhost:8083/somethingelse/当我访问http://localhost:8083/actuator/和http://localhost:8083/somethingelse/时,我看到日志有所不同
http://localhost:8083/actuator/ http://localhost:8083/actuator/
Step 1 - Hit this url - log -第 1 步 - 点击这个网址 - 登录 -
2019-12-24 12:31:03,051 590999 [XNIO-3 task-16] INFO c.c.common.web.LoggerInterceptor [LoggerInterceptor.java:42] - Visitor [OICBz6CqYzI58UqobnBYNEXsZUNErjBkv6wEUUkX] [GET] [/error] [2ms] [OK]
2019-12-24 12:31:03,054 591002 [XNIO-3 task-16] ERROR org.apache.velocity [CommonsLogLogChute.java:96] - ResourceManager : unable to find resource 'error.vm' in any resource loader.
Step 2 - cancel sign in form - get favicon.ico instead of /error -第 2 步 - 取消登录表单 - 获取 favicon.ico 而不是 /error -
2019-12-24 12:31:18,641 606589 [XNIO-3 task-20] ERROR org.apache.velocity [CommonsLogLogChute.java:96] - ResourceManager : unable to find resource 'error.vm' in any resource loader.
2019-12-24 12:31:18,912 606860 [XNIO-3 task-21] INFO c.c.common.web.LoggerInterceptor [LoggerInterceptor.java:42] - Visitor [OICBz6CqYzI58UqobnBYNEXsZUNErjBkv6wEUUkX] [GET] [/favicon.ico] [2ms] [OK]
http://localhost:8083/somethingelse http://localhost:8083/somethingelse
Step 1 - Hit this url - log -第 1 步 - 点击这个网址 - 登录 -
2019-12-24 12:31:03,051 590999 [XNIO-3 task-16] INFO c.c.common.web.LoggerInterceptor [LoggerInterceptor.java:42] - Visitor [OICBz6CqYzI58UqobnBYNEXsZUNErjBkv6wEUUkX] [GET] [/error] [2ms] [OK]
2019-12-24 12:31:03,054 591002 [XNIO-3 task-16] ERROR org.apache.velocity [CommonsLogLogChute.java:96] - ResourceManager : unable to find resource 'error.vm' in any resource loader.
Step 2 - cancel sign in form - Same log as above, again第 2 步 - 取消登录表单 - 与上述相同的日志,再次
Update 4更新 4
If I add a class to extend WebSecurityConfigurerAdapter, and just add a permitAll() against my required paths -如果我添加一个类来扩展 WebSecurityConfigurerAdapter,并且只需针对我所需的路径添加一个 permitAll() -
@Override
protected void configure(HttpSecurity http) throws Exception {
http.
authorizeRequests().antMatchers("/service/trace/**").permitAll()
.antMatchers("/service/actuator/**").permitAll()
.antMatchers("/actuator/**").permitAll()
.antMatchers("/trace").permitAll()
.antMatchers("/actuator").permitAll();
}
I get different errors this time (404 Not found) -这次我遇到了不同的错误(404 Not found)-
{
"timestamp": 1577181851520,
"status": 404,
"error": "Not Found",
"message": "Not Found",
"path": "/service/trace"
}
Note - I have a doubt about which are the available actuator end points, so I am trying to ensure for all these combinations.注意 - 我对哪些是可用的执行器端点有疑问,所以我试图确保所有这些组合。 See the application startup logs below if you can confirm on the basis of that.如果您可以在此基础上进行确认,请参阅下面的应用程序启动日志。
I get 404 errors against all these URLs -我收到所有这些 URL 的 404 错误 -
http://localhost:8083/service/actuator/beans
http://localhost:8083/actuator/beans
http://localhost:8083/beans
And my other authenticated API endpoints start giving this error -我的其他经过身份验证的 API 端点开始出现此错误 -
{
"timestamp": 1577181062281,
"status": 403,
"error": "Forbidden",
"message": "Could not verify the provided CSRF token because your session was not found.",
"path": "/service/v2/some/end/point"
}
ALso, I found that we have these filters as well defined in the web.xml.另外,我发现我们在 web.xml 中也定义了这些过滤器。 So, it seems there is Spring configuration, as well as Spring boot addition.所以,似乎有 Spring 配置,以及 Spring boot 附加。 Correct me if my understanding is wrong.如果我的理解有误,请纠正我。
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
So, the problem comes down to this -所以,问题归结为这个——
I can't access the actuator end points.我无法访问执行器端点。 I see the following in application startup logs, containing actuator, but I can't seem to load them either.我在应用程序启动日志中看到以下内容,其中包含执行器,但我似乎也无法加载它们。 I guess Spring security is coming in between but not able to prevent the same.我猜 Spring 安全性介于两者之间,但无法阻止相同的情况。
2019-12-24 14:14:10,769 14209 [main] INFO o.s.b.a.e.m.EndpointHandlerMapping [AbstractHandlerMethodMapping.java:543] - Mapped "{[/beans || /beans.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
2019-12-24 14:14:10,770 14210 [main] INFO o.s.b.a.e.m.EndpointHandlerMapping [AbstractHandlerMethodMapping.java:543] - Mapped "{[/health || /health.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.HealthMvcEndpoint.invoke(javax.servlet.http.HttpServletRequest,java.security.Principal)
2019-12-24 14:14:10,771 14211 [main] INFO o.s.b.a.e.m.EndpointHandlerMapping [AbstractHandlerMethodMapping.java:543] - Mapped "{[/autoconfig || /autoconfig.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
2019-12-24 14:14:10,772 14212 [main] INFO o.s.b.a.e.m.EndpointHandlerMapping [AbstractHandlerMethodMapping.java:543] - Mapped "{[/metrics/{name:.*}],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.MetricsMvcEndpoint.value(java.lang.String)
2019-12-24 14:14:10,772 14212 [main] INFO o.s.b.a.e.m.EndpointHandlerMapping [AbstractHandlerMethodMapping.java:543] - Mapped "{[/metrics || /metrics.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
Note -笔记 -
I have added management.endpoints.web.exposure.include=* in application.properties
我在 application.properties 中添加了 management.endpoints.web.exposure.include=*I can't see anything like this -
我看不出这样的事情-2019-12-24 15:57:41.245 INFO 37683 --- [ main] osbaeweb.EndpointLinksResolver : Exposing 18 endpoint(s) beneath base path '/actuator'
2019-12-24 15:57:41.245 INFO 37683 --- [main] osbaeweb.EndpointLinksResolver:在基本路径“/actuator”下暴露 18 个端点- spring-boot-starter-actuator-1.5.2.RELEASE.jar is there in External libraries of Intellij. spring-boot-starter-actuator-1.5.2.RELEASE.jar 在 Intellij 的外部库中。
- spring-boot-starter-actuator-1.5.2.RELEASE.jar is there in External libraries of Intellij.
5 个解决方案
解决方案1
2 2019-12-26 19:31:02
I have faced the similar error and added this configuration in application.properties :我遇到了类似的错误并在 application.properties 中添加了这个配置:
management.endpoints.web.base-path=/
This would allow you to access all the actuator endpoints.这将允许您访问所有执行器端点。
解决方案2
1 2019-12-26 17:12:26
The error occurs as security is not enabled on the endpoint.错误发生是因为端点上未启用安全性。 For a locally deployed app, add the following configuration to your application.properties file -对于本地部署的应用程序,将以下配置添加到您的 application.properties 文件 -
management.security.enabled=false
On a production app, more careful configurations would need to be made.在生产应用程序上,需要进行更仔细的配置。
解决方案3
0 2019-12-27 20:00:12
1)I tested the code with spring boot 1.5.2 and discovered that in this version the actuator endpoints are available in the root('/') path and not at /actuator path. 1)我用 spring boot 1.5.2 测试了代码,发现在这个版本中,执行器端点在 root('/') 路径中可用,而不是在 /actuator 路径中。 Your logs confirm it also:您的日志也证实了这一点:
2019-12-24 14:14:10,769 14209 [main] INFO o.s.b.a.e.m.EndpointHandlerMapping [AbstractHandlerMethodMapping.java:543] - Mapped "{[/beans || /beans.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
As you see in log, endpoint for example for beans is /beans.正如您在日志中看到的,例如 bean 的端点是 /beans。 In your case http://localhost:8083/beans In addition you need also as Prerak Jain wrote following:在您的情况下http://localhost:8083/beans此外,您还需要 Prerak Jain 写道:
management.security.enabled=false
2) To your problem with HTTP 403: 2)对于您的 HTTP 403 问题:
{
"timestamp": 1577181062281,
"status": 403,
"error": "Forbidden",
"message": "Could not verify the provided CSRF token because your session was not found.",
"path": "/service/v2/some/end/point"
}
To fix it you need to add following to your configuration "and().csrf().disable()", so for example:要修复它,您需要在您的配置“and().csrf().disable()”中添加以下内容,例如:
http.authorizeRequests().antMatchers("/service/trace/**").permitAll().and().csrf().disable()
That disables csrf token stuff.这会禁用 csrf 令牌的东西。
解决方案4
0 2019-12-30 13:30:00
Dealing with Legacy application is never easy.处理遗留应用程序绝非易事。 Indeed, it seems like you are mixing Spring and Spring-boot configuration altogether.确实,您似乎完全混合了 Spring 和 Spring-boot 配置。 I suggest you to proces step by step.我建议你一步一步来。 Go back to a working, stable state and then move on:回到正常工作的稳定状态,然后继续:
- Make sure you are using the right dependencies确保您使用了正确的依赖项
I've been doing some tests with spring-boot-starter-actuator with spring-boot-starter-parent .我一直在用spring-boot-starter-actuator和spring-boot-starter-parent做一些测试。
Here is the content of my pom.xml:这是我的 pom.xml 的内容:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.2.RELEASE</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
</dependencies>
Please notice that spring-boot-starter-actuator:2.2.2.RELEASE works in different ways that spring-boot-starter-actuator:1.5.2.RELEASE , mostly regarding the security.请注意spring-boot-starter-actuator:2.2.2.RELEASE工作方式与spring-boot-starter-actuator:1.5.2.RELEASE ,主要是关于安全性。 Also note that we use the starter of every dependency.另请注意,我们使用每个依赖项的starter 。 If not, you won't all spring boot autoconfiguration enabled.如果没有,您将不会启用所有 spring boot 自动配置。
- Configure properly
spring-boot-starter-actuator正确配置spring-boot-starter-actuator
In your application.properties , add the following lines :在您的application.properties ,添加以下几行:
# Make sure every actuator endpoints are located under the same root URL
management.context-path=/actuator
# Disable default actuator security rules to manage everything with your Java configuration
management.security.enabled=false
- Try to manage only the access to /actuator尝试仅管理对 /actuator 的访问
In your java configuration class, the one that extends WebSecurityConfigurerAdapter , apply the following changes:在您的 java 配置类中,扩展WebSecurityConfigurerAdapter ,应用以下更改:
@EnableWebSecurity // Enable spring security configuration
@Configuration // Is a Spring Configuration class
@Order(ManagementServerProperties.ACCESS_OVERRIDE_ORDER) // To override the default actuator security configuration
public class WebSecurity extends WebSecurityConfigurerAdapter {
/**
* We try to make sure you can easily manage spring actuator endpoints
*/
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.mvcMatchers("/actuator/**").authenticated() // To restrict access to authenticated user on actuator endpoints
.anyRequest().permitAll()
.and()
.csrf().disable(); // If you want to POST data, you have to disable CSRF check. Otherwise, you always get an error when POSTing data on an unsecured URL.
}
}
For more information about CSRF, please check: https://fr.wikipedia.org/wiki/Cross-site_request_forgery关于CSRF的更多信息,请查看: https : //fr.wikipedia.org/wiki/Cross-site_request_forgery
- In the console, you're supposed to see something like this during the server start up:在控制台中,您应该在服务器启动期间看到如下内容:
019-12-30 12:13:34.767 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/beans || /actuator/beans.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
2019-12-30 12:13:34.768 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/trace || /actuator/trace.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
2019-12-30 12:13:34.769 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/configprops || /actuator/configprops.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
2019-12-30 12:13:34.773 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/metrics/{name:.*}],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.MetricsMvcEndpoint.value(java.lang.String)
2019-12-30 12:13:34.773 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/metrics || /actuator/metrics.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
2019-12-30 12:13:34.774 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/autoconfig || /actuator/autoconfig.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
2019-12-30 12:13:34.775 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/health || /actuator/health.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.HealthMvcEndpoint.invoke(javax.servlet.http.HttpServletRequest,java.security.Principal)
2019-12-30 12:13:34.776 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/dump || /actuator/dump.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
2019-12-30 12:13:34.778 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/heapdump || /actuator/heapdump.json],methods=[GET],produces=[application/octet-stream]}" onto public void org.springframework.boot.actuate.endpoint.mvc.HeapdumpMvcEndpoint.invoke(boolean,javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse) throws java.io.IOException,javax.servlet.ServletException
2019-12-30 12:13:34.779 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/mappings || /actuator/mappings.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
2019-12-30 12:13:34.782 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/loggers/{name:.*}],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.LoggersMvcEndpoint.get(java.lang.String)
2019-12-30 12:13:34.783 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/loggers/{name:.*}],methods=[POST],consumes=[application/vnd.spring-boot.actuator.v1+json || application/json],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.LoggersMvcEndpoint.set(java.lang.String,java.util.Map<java.lang.String, java.lang.String>)
2019-12-30 12:13:34.784 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/loggers || /actuator/loggers.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
2019-12-30 12:13:34.785 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/auditevents || /actuator/auditevents.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public org.springframework.http.ResponseEntity<?> org.springframework.boot.actuate.endpoint.mvc.AuditEventsMvcEndpoint.findByPrincipalAndAfterAndType(java.lang.String,java.util.Date,java.lang.String)
2019-12-30 12:13:34.786 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/info || /actuator/info.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
2019-12-30 12:13:34.788 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/env/{name:.*}],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EnvironmentMvcEndpoint.value(java.lang.String)
2019-12-30 12:13:34.789 INFO 13172 --- [ main] o.s.b.a.e.mvc.EndpointHandlerMapping : Mapped "{[/actuator/env || /actuator/env.json],methods=[GET],produces=[application/vnd.spring-boot.actuator.v1+json || application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
Let me know if you have any difficulties, or you're console is printing different output.如果您有任何困难,或者您的控制台正在打印不同的输出,请告诉我。 Please also share your pom.xml if any of this works.如果其中任何一项有效,也请分享您的 pom.xml。
解决方案5
0 2020-01-02 08:39:13
One way of running the actuator is assigning a different port to the actuator service this could be done by adding following property to application.properties运行执行器的一种方法是为执行器服务分配一个不同的端口,这可以通过将以下属性添加到 application.properties 来完成
management.server.port=8084
This way you can run and access actuator on a different port and can create rules on the gateway as to how it can be accessed.通过这种方式,您可以在不同的端口上运行和访问执行器,并且可以在网关上创建有关如何访问它的规则。
Click here for detail 单击此处了解详细信息
Another way is to disable security from actuator to add following property to the application.properties另一种方法是禁用执行器的安全性以将以下属性添加到 application.properties
management.endpoints.web.exposure.include=*
Click here for detail 单击此处了解详细信息
Another way of bypassing all the security is following绕过所有安全性的另一种方法是
@Configuration(proxyBeanMethods = false)
public class ActuatorSecurity extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) ->
requests.anyRequest().permitAll());
}
}
Click here for detail 单击此处了解详细信息
Hope it helps.希望能帮助到你。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.