Within my project, I have the following <code>bootstrap.properties</code> file: <pre class="prettyprint"><code>spring.application.name=vault-demo management.endpoints.web.exposure.include=* </code></pre> Additionally to that, I defined the following dependency: <pre class="prettyprint lang-xml prettyprint-override"><code><dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-actuator</artifactId> </dependency> </code></pre> The config server is able to access the property but when I update that property in GitHub and POST to <code>/refresh</code> I get a <code>403: Forbidden</code>. Do I need to make any change in my application or bootstrap.properties?

I got the solution, I needed to add a security configuration, for example: <pre class="prettyprint lang-java prettyprint-override"><code>@Configuration @EnableWebSecurity public class SecurityConfiguration extends WebSecurityConfigurerAdapter{ @Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable(); } } </code></pre> Additionally, I had to add the following dependency: <pre class="prettyprint lang-xml prettyprint-override"><code><dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-rsa</artifactId> <version>1.0.5.RELEASE</version> </dependency> </code></pre> I found this solution within the following GitHub issue: https://github.com/spring-cloud/spring-cloud-config/issues/950

WhyI am Getting 403 Forbidden error for actuator /refresh endpoint on Spring Boot 2 on Cloud Foundry{using Cloud Config Server service}

Tags:

spring-boot

spring-boot-actuator

spring-cloud-config

Within my project, I have the following bootstrap.properties file:

spring.application.name=vault-demo
management.endpoints.web.exposure.include=*

Additionally to that, I defined the following dependency:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-actuator</artifactId>
</dependency>

The config server is able to access the property but when I update that property in GitHub and POST to /refresh I get a 403: Forbidden. Do I need to make any change in my application or bootstrap.properties?

893

asked Sep 12 '18 15:09

Shivi Sharma

1 Answers

I got the solution, I needed to add a security configuration, for example:

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter{

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
    }
}

Additionally, I had to add the following dependency:

<dependency> 
    <groupId>org.springframework.security</groupId> 
    <artifactId>spring-security-rsa</artifactId> 
    <version>1.0.5.RELEASE</version> 
</dependency>

I found this solution within the following GitHub issue: https://github.com/spring-cloud/spring-cloud-config/issues/950

131

answered Sep 19 '22 16:09

Shivi Sharma

Related questions
                            
                                How implement Error decoder for multiple feign clients
                            
                                Docker MySQL - can't connect from Spring Boot app to MySQL database
                            
                                Reload/Refresh cache in spring boot
                            
                                NoSuchMethodError: org.springframework.plugin.core.PluginRegistry.getPluginOrDefaultFor
                            
                                How do I use multiple 'JWK Set Uri' values in the same Spring Boot app?
                            
                                Java 8 date/time type `java.time.Instant` not supported by default Issue : [duplicate]
                            
                                Creating a custom Jasypt PropertySource in Springboot
                            
                                Map checkboxes to List using Sprint Boot and Thymeleaf
                            
                                How to use Websphere liberty in spring boot application
                            
                                springSecurityFilterChain cannot be null
                            
                                File upload in Spring Boot: Uploading, validation, and exception handling
                            
                                In a spring boot project, how to load application.yaml into Java Properties
                            
                                Autowiring :expected at least 1 bean which qualifies as autowire candidate for this dependency
                            
                                Spring Cloud Config Server not working with Docker compose
                            
                                How to have per-thread but reusable objects (PubNub) in a Spring app?
                            
                                Spring Interceptor not working in Spring Data REST URLs
                            
                                No @NotBlank validator for type String
                            
                                Spring boot configuration: how to return always same random value when referenced?
                            
                                How do I install Spring Boot CLI in Ubuntu?
                            
                                Spring Security WebFlux and LDAP

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With

WhyI am Getting 403 Forbidden error for actuator /refresh endpoint on Spring Boot 2 on Cloud Foundry{using Cloud Config Server service}

Tags:

spring-boot

spring-boot-actuator

spring-cloud-config

Shivi Sharma

People also ask

1 Answers

Shivi Sharma

Recent Activity

Donate For Us