Securing Eureka with user/password causes recurring login popup
See original GitHub issueIf I secure Eureka with a user/password as so
application.yml in Eureka Server:
security:
user:
password: ${eureka.password} # Don't use a default password in a real app
And if the spring-boot-admin bootstrap.yml contains:
cloud:
config:
uri: http://localhost:8888/diagnostics/admin/config
failFast: true
spring.boot.admin.discovery.management.context-path: /diagnostics/admin
eureka:
instance:
leaseRenewalIntervalInSeconds: 10
statusPageUrlPath: /diagnostics/admin/info
healthCheckUrlPath: /diagnostics/admin/health
metadataMap:
password: password
client:
enabled: true
serviceUrl:
defaultZone: http://user:password@localhost:8761/eureka/
Then when I bring up spring-boot-admin ui, the following prompt for user/password happens over and over. When it happens, log is Finding route for path: /api/applications/xxxx/yyy
where yyy are /info|configprops/ and xxx are some kind of hash.
Issue Analytics
- State:
- Created 8 years ago
- Comments:5
Top Results From Across the Web
Securing Eureka in Spring cloud - Stack Overflow
Obviously I want to turn security on in Eureka and specify a username password for service. One question that I have is how...
Read more >Spring Cloud
The default is a username of user and a randomly generated password. A random password is not useful in practice, so we recommend...
Read more >Spring Boot Microservices on Red Hat OpenShift Container ...
Eureka is a REST (REpresentational State Transfer) based service that is primarily used in the AWS cloud for locating services for the purpose...
Read more >Tag: Spring Cloud - Piotr's TechBlog - WordPress.com
Secure Spring Cloud Microservices with Vault and Nomad ... Client-side applications by default tries to connect with Eureka server on localhost under port ......
Read more >Symantec Privileged Access Manager - 3.3.5 - TechDocs
Hardware Security Modules (HSMs) for Credential Manager. ... Configure Users with the Manage Credentials Privilege to View Passwords on the Access Screen.
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@ravighanate did you set
zuul.sensitiveHeaders
to empty / no value in SBA server? So the auth header gets passed by zuul?Also did you look at the basic-example in https://github.com/joshiste/spring-boot-admin-samples?
There will be an improvement for Boot 1.5.x to work with proteceted endpoints.
Is there any update on this issue? Using basic-auth on all client endpoints with same user/name password still doesn’t work and still keeps prompting for login. Is there any better way to handle in 1.4.X?