{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 爱情/是我丢掉的垃圾 的问题《Unauthorized in spring boot admin》','https://www.manongdao.com/q-1325834.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I wanted to control the microservices that are running in the Eureka server. I used spring-boot-admin for this, but I am getting the error on accessing the information about the Trace,Log etc...
The error I am getting is
Error: {"timestamp":1489052472862,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource.","path":"/metrics"}
My dependencies are
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-eureka</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-server</artifactId>
<version>1.4.3</version>
</dependency>
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-server-ui</artifactId>
<version>1.4.3</version>
</dependency>
and none of the below properties worked
endpoints.info.id=information
endpoints.info.sensitive=false
endpoints.info.enabled=true
information.app.name=Actuator Example
information.app.description=Actuator Example
information.app.version=1.0.0
and the same thing is happening with all the end points like mappings, env and all accept health
Setting
management.security.enabled=falsein theapplication.propertieswill disable the security on the endpoints.It's better to setup security by credentials
usernameandpasswordfor most of endpoints listed here: https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-endpoints.htmlExceptions from the rule are
healthandinfoendpoints which won't be protected by credentials.You can set
usernameandpasswordinapplication.propertieslike that:I have had a similar issue. On my spring boot application we had a cors filter to block Http Head requests. So head requests cannot be accepted.
Check Javascript console log and application log.
Setting management.security.enabled=false in the application.properties also necessary.
I'm of the opinion that disabling the security to all sensitive endpoints isn't the way to go.
I had this issue while accessing
/metricsand apparently, I was missing thespring-boot-starter-securitydependency:After adding the dependency to my
pom.xml, and assuming that I have the following on myapplication.ymlI was able to access my
/metricsendpoint.