Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Remove management.security.enabled from documentation
See original GitHub issuemanagement.security.enabled has been removed in spring-boot 2. But the docs still mention the property. Please adjust the documentation add a sample for the alternative way to disable security on the management endpoints.
Issue Analytics
- State:
- Created 6 years ago
- Comments:10 (5 by maintainers)
Top Results From Across the Web
37. Monitoring and management over HTTP - Spring
In that case you will have Spring Security on the classpath, and you can disable management security like this: management.security.enabled=false.
Read more >Turn off actuator security for spring-boot - Stack Overflow
Consider adding Spring Security or set 'management.security.enabled' to false. Is there a way to set the application.yml somewhere as the ...
Read more >A member was removed from a security-enabled local group.
Subcategory: Audit Security Group Management ; Event Description: ; Event XML: ; Required Server Roles: None. ; Minimum OS Version: Windows Server ...
Read more >Spring Boot Actuator | Baeldung
To enable Spring Boot Actuator, we just need to add the ... we should also disable security by setting management.security.enabled=false for ...
Read more >Conditionally Disabling or Overriding Spring Boot Security ...
First we will exclude spring security Auto-configuration and then control enable/disable security using config parameter.
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@mariuszs That was unfortunately a bug. It’s been fixed by #12354 and will be in 2.0.1.
@jblayneyXpanxion as mentioned in the guidelines for contributing, we prefer to use GitHub issues only for bugs and enhancements. This is a question that would be better suited to Stack Overflow or our gitter channel. If you feel this is a documentation issue please open a new issue rather than commenting on a closed one.
Regarding your point about these endpoints being available to the world, that is not true. The default configuration for all endpoints (except health and info) requires authentication when Spring Security is on the classpath. Additionally the endpoints are not exposed over the web by default. They need to be exposed explicitly using the
management.endpoints.web.exposureproperty.