Spring/spring-boot
Spring/spring-boot
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-boot.git synced 2024-08-29 03:06:45 +08:00
Code Issues Packages Projects Releases Wiki Activity

Polish actuator security changes

Browse Source 
Closes gh-7569
This commit is contained in:
Stephane Nicoll 2016-12-27 17:50:10 +01:00
parent 05ebed774c
commit 435ca3db69
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
View File

@ -1057,7 +1057,7 @@ content into your application; rather pick only the properties that you need.
management.context-path= # Management endpoint context-path. For instance `/actuator`
management.port= # Management endpoint HTTP port. Uses the same port as the application by default. Configure a different port to use management-specific SSL.
management.security.enabled=true # Enable security.
management.security.roles=ADMIN # Comma-separated list of roles that can access the management endpoint.
management.security.roles=ACTUATOR # Comma-separated list of roles that can access the management endpoint.
management.security.sessions=stateless # Session creating policy to use (always, never, if_required, stateless).
management.ssl.ciphers= # Supported SSL ciphers. Requires a custom management.port.
management.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store. Requires a custom management.port.
@ -1107,7 +1107,7 @@ content into your application; rather pick only the properties that you need.
management.shell.auth.key.path= # Path to the authentication key. This should point to a valid ".pem" file.
management.shell.auth.simple.user.name=user # Login user.
management.shell.auth.simple.user.password= # Login password.
management.shell.auth.spring.roles=ADMIN # Comma-separated list of required roles to login to the CRaSH console.
management.shell.auth.spring.roles=ACTUATOR # Comma-separated list of required roles to login to the CRaSH console.
management.shell.command-path-patterns=classpath*:/commands/**,classpath*:/crash/commands/** # Patterns to use to look for commands.
management.shell.command-refresh-interval=-1 # Scan for changes and update the command if necessary (in seconds).
management.shell.config-path-patterns=classpath*:/crash/* # Patterns to use to look for configurations.

2
spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc
View File

@ -2684,7 +2684,7 @@ If the Actuator is also in use, you will find:
* The management endpoints are secure even if the application endpoints are insecure.
* Security events are transformed into `AuditEvents` and published to the `AuditService`.
* The default user will have the `ADMIN` role as well as the `USER` role.
* The default user will have the `ACTUATOR` role as well as the `USER` role.
The Actuator security features can be modified using external properties
(`+management.security.*+`). To override the application access rules