Menu
After the registration at the Spring Boot Admin (SBA) Server, some actuators of the clients get adressed with http://springapplication.com/actuator instead of https://springapplication.com/actuator.
Why does it change the endpoints to HTTP and doesn´t stay at HTTPS? Is it customizable?
Here are some Logs and the Java/YML-Files.
Logs:
2018-07-02 06:13:27.683 INFO 3194 --- [-client-epoll-7] d.c.b.a.server.services.StatusUpdater : Couldn't retrieve status for Instance(id=0d47f12b0a94, version=57, registration=Registration(name=springbootapplication-Name, managementUrl=https://springbootapplication.com/actuator, healthUrl=https://springbootapplication.com/actuator/health, serviceUrl=https://springbootapplication.com, source=http-api), registered=true, statusInfo=StatusInfo(status=UP, details={}), statusTimestamp=2018-07-02T05:06:08.423Z, info=Info(values={}), endpoints=Endpoints(endpoints={httptrace=Endpoint(id=httptrace, url=http://springbootapplication.com/actuator/httptrace), flyway=Endpoint(id=flyway, url=http://springbootapplication.com/actuator/flyway), loggers=Endpoint(id=loggers, url=http://springbootapplication.com/actuator/loggers), health=Endpoint(id=health, url=https://springbootapplication.com/actuator/health), env=Endpoint(id=env, url=http://springbootapplication.com/actuator/env), heapdump=Endpoint(id=heapdump, url=http://springbootapplication.com/actuator/heapdump), scheduledtasks=Endpoint(id=scheduledtasks, url=http://springbootapplication.com/actuator/scheduledtasks), mappings=Endpoint(id=mappings, url=http://springbootapplication.com/actuator/mappings), beans=Endpoint(id=beans, url=http://springbootapplication.com/actuator/beans), configprops=Endpoint(id=configprops, url=http://springbootapplication.com/actuator/configprops), threaddump=Endpoint(id=threaddump, url=http://springbootapplication.com/actuator/threaddump), metrics=Endpoint(id=metrics, url=http://springbootapplication.com/actuator/metrics), conditions=Endpoint(id=conditions, url=http://springbootapplication.com/actuator/conditions), auditevents=Endpoint(id=auditevents, url=http://springbootapplication.com/actuator/auditevents), info=Endpoint(id=info, url=http://springbootapplication.com/actuator/info), jolokia=Endpoint(id=jolokia, url=http://springbootapplication.com/actuator/jolokia)}), buildVersion=null)
Application.yml (Server):
server:
port: 5100
spring:
security:
user:
name: admin
password: password
SecuritySecureConfig.java (Server):
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import de.codecentric.boot.admin.server.config.AdminServerProperties;
@Configuration
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {
private final String adminContextPath;
public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
this.adminContextPath = adminServerProperties.getContextPath();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
http.authorizeRequests().antMatchers(adminContextPath + "/assets/**").permitAll()
.antMatchers(adminContextPath + "/login").permitAll().anyRequest().authenticated().and().formLogin()
.loginPage(adminContextPath + "/login").successHandler(successHandler).and().logout()
.logoutUrl(adminContextPath + "/logout").and().httpBasic().and().csrf().disable();
}
}
SpringBootAdminApplication.java (Server):
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.PropertySource;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import de.codecentric.boot.admin.server.config.EnableAdminServer;
@EnableAutoConfiguration
@EnableWebSecurity
@EnableAdminServer
@SpringBootApplication(scanBasePackages = "administration")
@PropertySource(value = "META-INF/build-info.properties", ignoreResourceNotFound = true)
public class SpringBootAdminApplication {
private static final Logger log = LoggerFactory.getLogger(SpringBootAdminApplication.class);
public static void main(final String[] args) {
SpringApplication.run(SpringBootAdminApplication.class, args);
}
}
Application.yml (Client):
spring:
application:
name: springapplication
boot:
admin:
client:
username: ${application.security.usernameAdmin}
password: ${application.security.passwordAdmin}
url: "https://springBootAdminServerURL.com"
instance:
service-base-url: https://http://springapplication.com/
metadata:
user.name: ${application.security.usernameAdmin}
user.password: ${application.security.passwordAdmin}
management:
endpoints:
web:
exposure:
include: "*"
application:
security:
usernameAdmin: admin
passwordAdmin: password
788
To create a custom actuator endpoints, Use @Endpoint annotation on a class. Then leverage @ReadOperation / @WriteOperation / @DeleteOperation annotations on the methods to expose them as actuator endpoint bean as needed.
In order to access the actuator endpoints using HTTP, we need to both enable and expose them. By default, all endpoints but /shutdown are enabled. Only the /health and /info endpoints are exposed by default.
I had the same problem. Look at your applications /actuator endpoint. Is it reporting urls as http? It did for me, even if health used https. What solved it for me was adding server.use-forward-headers=true which adds all X-Forwarded-*, including the X-Forwared-Proto that identifies scheme (http/https).
Remember if your app is behind a reverse proxy like NGINX, you'd also need to configure this. Example for NGINX
location / {
proxy_set_header X-Forwarded-Proto $scheme;
...
}
Need correction in the config file for below property which signifies as
Base url for computing the service-url to register with. The path is inferred at runtime, and appended to the base url.
spring.boot.admin.client.instance.service-base-url
instance:
service-base-url: https://springapplication.com/
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
