Commit 2a7fd50

committed
Clarify docs on actuator security
Closes gh-8646
1 parent 294f880 commit 2a7fd50

1 file changed

+14
-0
lines changed

spring-boot-docs/src/main/asciidoc/production-ready-features.adoc

Lines changed: 14 additions & 0 deletions
@@ -583,6 +583,20 @@ in your `application.properties`:
583583
management.security.roles=SUPERUSER
584584
----
585585

586+
If your application has custom security configuration and you want all your actuator endpoints
587+
to be accessible without authentication, you need to explicitly configure that in your
588+
security configuration. Along with that, you need to change the `management.security.enabled`
589+
property to `false`.
590+
591+
If your custom security configuration secures your actuator endpoints, you also need to ensure that
592+
the authenticated user has the roles specified under `management.security.roles`.
593+
594+
TIP: If you don't have a use case for exposing basic health information to unauthenticated users,
595+
and you have secured the actuator endpoints with custom security, you can set `management.security.enabled`
596+
to `false`. This will inform Spring Boot to skip the additional role check.
597+
598+
599+
586600

587601

588602
[[production-ready-customizing-management-server-context-path]]
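
Review bot: In the added lines 586-589 and again in the TIP at 594-596, setting `management.security.enabled` to `false` is recommended for two opposite goals (making all actuator endpoints accessible without authentication, and skipping the role check when custom security already protects them), and neither place says what the property does by itself. Suggest adding one sentence stating that `false` only tells Spring Boot to skip the additional role check, so access to the endpoints then depends entirely on the custom security configuration; as written, a reader can flip the property before their own rules actually cover the actuator endpoints. Separately, the three consecutive blank lines added at 597-599 can be reduced to one before the `[[production-ready-customizing-management-server-context-path]]` anchor.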

0 commit comments
