Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EndpointRequest shouldn't match request on main application port when management port is different #15702

Closed
glossd opened this issue Jan 14, 2019 · 1 comment
Closed

EndpointRequest shouldn't match request on main application port when management port is different #15702

glossd opened this issue Jan 14, 2019 · 1 comment
Assignees
@mbhave
Labels
type: enhancement A general enhancement
Milestone
2.1.4

Comments

@glossd
Copy link

glossd commented Jan 14, 2019

In my spring boot 2 application the management port and server port are different. I'm trying to disable security for all endpoints in the management server. I disabled security as was described here. Yet my main application paths /actuator/<endpoint> have become insecure too.
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Jan 14, 2019
@mbhave mbhave added for: team-attention An issue we'd like other members of the team to review and removed for: team-attention An issue we'd like other members of the team to review labels Jan 24, 2019
@mbhave
Copy link
Contributor

mbhave commented Jan 24, 2019

We discussed this on the team call today and think that making EndpointRequest port aware is only part of the problem. We need some samples/documentation on how to configure security just for the management context.

@mbhave mbhave added type: documentation A documentation update and removed status: waiting-for-triage An issue we've not yet triaged labels Jan 24, 2019
@mbhave mbhave changed the title EndpointRequest#toAnyEndpoint matches endpoint url paths in main application server when they should match only for management server Document how to separate management endpoint security from main application Jan 24, 2019
@mbhave mbhave added this to the 2.1.x milestone Jan 24, 2019
@mbhave mbhave added for: team-attention An issue we'd like other members of the team to review and removed for: team-attention An issue we'd like other members of the team to review labels Feb 12, 2019
@mbhave mbhave self-assigned this Feb 19, 2019
@mbhave mbhave changed the title Document how to separate management endpoint security from main application EndpointRequest shouldn't match request on main application port when management port is different Feb 21, 2019
@mbhave mbhave added type: enhancement A general enhancement and removed type: documentation A documentation update labels Feb 21, 2019
@mbhave mbhave modified the milestones: 2.1.x, 2.1.4 Feb 21, 2019
@mbhave mbhave closed this as completed in c3e4754 Feb 21, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mbhave mbhave

Labels
type: enhancement A general enhancement
Projects
None yet
Milestone
2.1.4
Development

No branches or pull requests
3 participants
@mbhave @spring-projects-issues @glossd