Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to configure spring boot admin client when authentication is enabled?

I'm trying to set up a sample application using spring boot admin (both server + client side) and have run into an issue with authentication.

When spring security is enabled on the management/actuator endpoints on the client side the spring-boot-admin server does not seem able to communicate with the client -- logging in to the Admin interface via a Web browser results in a continuous loop of authentication windows popping up and prompting for usernames/passwords. Hitting cancel will display an HTTP 401 error on the page.

Here's a configuration that works on the client side:

management.security.enabled=false

security.basic.enabled=true

security.user.name=test

security.user.password=test

spring.boot.admin.url=http://localhost:9081/admin

spring.boot.admin.username=admin

spring.boot.admin.password=admin

This will:

  • Disable security for spring-boot's management/actuator resource
  • Enable security for all other resources (HTTP basic auth - user: test, password: test)
  • Register the spring-admin client on startup using the url http://localhost:9081/admin (HTTP basic auth - user: admin, password:admin)

I'm guessing the spring boot admin app doesn't support communication with secured clients because I don't see any configuration properties that would allow the information to be passed in upon client registration.

Has anyone got around this limitation and if so, how? I'd rather not leave the actuator endpoints "open to the public" so-to-speak, even though they are actually just exposed on the company's internal network.

like image 816
Javaddict Avatar asked Sep 26 '16 18:09

Javaddict


People also ask

How do I register a client as a spring boot administrator?

First, add the following Spring Boot Admin starter client dependency and Spring Boot starter actuator dependency in your build configuration file. Gradle users can add the following dependencies in your build. gradle file. Now, add the Spring Boot Admin Server URL into your application properties file.

How do I set spring boot as administrator?

For building a Spring Boot Admin Server we need to add the below dependencies in your build configuration file. Add the @EnableAdminServer annotation in your main Spring Boot application class file. The @EnableAdminServer annotation is used to make your as Admin Server to monitor all other microservices.

How do you authenticate a spring boot?

You do that by configuring Spring Security in the application. If Spring Security is on the classpath, Spring Boot automatically secures all HTTP endpoints with “basic” authentication. However, you can further customize the security settings. The first thing you need to do is add Spring Security to the classpath.


1 Answers

There is no security feature included since the various solutions look very different. But I've put up some examples: https://github.com/joshiste/spring-boot-admin-samples

like image 120
joshiste Avatar answered Oct 03 '22 07:10

joshiste