Use oauth2 authentication for main application and basic auth for management endpoints on spring boot?

Question

Use oauth2 authentication for main application and basic auth for management endpoints on spring boot?

I am using Spring Boot to create a REST Api that I can secure with Oauth2 (using spring-security-oauth2).

I want to manage a separate authentication and authorization scheme for the actuator control endpoints (metrics, health, etc.).

And I want the management endpoints to run on a different port (management.port = 8081 in application.properties)

I've read quite a lot but couldn't find a way to do this.

thank

+3

spring-boot spring-security spring-security-oauth2

askp Dec 15. '14 at 1:19

source to share

1 answer

Luke Bajada · Answer 1 · 2015-06-23T16:50:27+0000

This is because you cannot split endpoints by port. If the actuator control endpoints and control endpoints are on the same component, the Spring Boot container (Tomcat) will start the entire component on the same port.

What you say can be reached by a proxy. You have to map some of the proxy urls to match the urls of your component.

Use oauth2 authentication for main application and basic auth for management endpoints on spring boot?

More articles: