Within my project, I have the following bootstrap.properties
file:
spring.application.name=vault-demo
management.endpoints.web.exposure.include=*
Additionally to that, I defined the following dependency:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-actuator</artifactId>
</dependency>
The config server is able to access the property but when I update that property in GitHub and POST to /refresh
I get a 403: Forbidden
. Do I need to make any change in my application or bootstrap.properties?
Simply disabling CSRF on your configure method with http. csrf(). disable(); is all that needed to be done for my put requests to stop receiving 403. Save this answer.
To enable Spring Boot actuator endpoints to your Spring Boot application, we need to add the Spring Boot Starter actuator dependency in our build configuration file. Maven users can add the below dependency in your pom. xml file. Gradle users can add the below dependency in your build.
You can enable or disable an actuator endpoint by setting the property management. endpoint. <id>. enabled to true or false (where id is the identifier for the endpoint).
In order to access the actuator endpoints using HTTP, we need to both enable and expose them. By default, all endpoints but /shutdown are enabled. Only the /health and /info endpoints are exposed by default.
I got the solution, I needed to add a security configuration, for example:
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter{
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
}
}
Additionally, I had to add the following dependency:
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-rsa</artifactId>
<version>1.0.5.RELEASE</version>
</dependency>
I found this solution within the following GitHub issue: https://github.com/spring-cloud/spring-cloud-config/issues/950
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With