Using roles with spring drive
I am trying to configure the health actuator endpoint to provide information only if the authenticated user has the ADMIN role.
management.security.role: ADMIN
management.security.enabled: true
endpoints:
health:
id: health
sensitive: true
enabled: true
time-to-live: 1000
The behavior I see is that the details are provided regardless of whether the authenticated user has the ADMIN role or not, as long as it is authenticated.
This is similar to the HealthMvcEndpoint implementation , which only checks that the principal is not null and is not anonymous.
Could you please provide some clarification as to how I should use the driven roles? (I only want to restrict access to sensitive details, not the entire endpoint).
- spring boot version: 1.2.4.RELEASE
- spring framework: 4.1.6.RELEASE
Thank.
+3
source to share
No one has answered this question yet
Check out similar questions: