In spring boot app I set e.g. server.context-path=/mymodule. This is convenient because I don't need to repeat over and over again /mymodule prefix in #RequestMapping.
Further I want to have actuator endpoints grouped together on URLs with common prefix so I set management.context-path=/actuator.
Now actuator endpoint are mapped to /mymodule/actuator.
From security perspective I want to have actuator endpoints mapped to /actuator. Simple config on reverse proxy https://mydomain/api/mymodule -> http://oneofmyserver:port/mymodule protects that end users would not be able to access actuator.
Is it possible to map actuator endpoints to /actuator?
Probably better solution from security perspective is to export actuator on totally different port. To do it just add such properties:
management.port=9080
You can also just change context-path of actuator endpoints by using
management.context-path=/actuator
You can use the management.endpoints.web.base-path property to change the prefix for your management endpoint. Reference from spring-boot document.
The following example remaps /actuator/health to /healthcheck;
management.endpoints.web.base-path=/
management.endpoints.web.path-mapping.health=healthcheck
In case of you aren't able to use different ports and you have, for example, eureka in you environment, you can use the following:
Configure additional metadata, that you send to eureka. Simply by adding there some parameter with value of your context-path. spring docs
Configure Prometheus for using Eureka.
After that you will get an access to your custom meta-data
Finally you can use these new parameters in a relabeling step.
Related
I have a Spring Boot application with a lot of controllers, and I want to run the service on a sub-path of an existing domain. So I've figured it would be nicer to have this configurable than to hardcode the path into all the request mappings.
I've considered all the approaches mentioned here https://www.baeldung.com/spring-boot-controllers-add-prefix, but they either also change the prefix of the actuator endpoints or are not globally enforced, so I'd prefer a different approach.
I want the actuator endpoints on /_system/ (changed by management.endpoints.web.base-path=/_system) and have only the /prefix as a load balancer target, so the management endpoints won't ever be reachable from the internet (in case I miss-configure the application and start leaking some sensitive info from the management endpoints).
I've also tried configuring management.server.base-path=/, but that seems to also be affected by the server.servlet.context-path and spring.mvc.servlet.path as the actuator seems to be registered "under" the main servlet dispatcher.
I was looking into registering a separate servlet dispatcher just for the actuator endpoints, but I've given up on researching it after some time because I feel like I'd have to override half of Spring Boot.
Any other ideas? Thanks
I'm looking for a way to implement custom endpoints for a reactive application using Spring Boot 2.2.
The endpoints have some subsystems and perform specific resource operations on the subsystems. The URL paths look like:
/actuator/system1/subsystem_a
/actuator/system1/subsystem_b
/actuator/system2/subsystem_c
Furthermore, system1 and system2 are not both always deployed, so I'd like to add dynamically the endpoints of the deployed system only.
I know I can use ReactiveHealthContributorRegistry to add custom health check endpoints dynamically. Is there a similar way for a fully custom endpoint?
Thanks in advance.
It seems there is no way to construct such complex endpoints like what I asked in Spring Boot Actuator.
I finally decided to use RouterFunction and HandlerFunction referring to the following websites.
https://www.baeldung.com/spring-5-functional-web
https://spring.io/blog/2016/09/22/new-in-spring-5-functional-web-framework
I know there is a similar kind of question exist but if works only for glassfish server.
Listing all deployed rest endpoints (spring-boot, jersey)
Is it possible to list all my configured rest-endpoints with spring boot? The actuator lists all existing paths on startup, I want something similar for my custom services, so I can check on startup if all paths are configured correctly and use this info for client calls.
How do I do this? I use #Path/#GET annotations on my service beans and register them via ResourceConfig#registerClasses.
Is there a way to query the Config for all Paths?
Update2: I want to have something like
GET /rest/mycontroller/info
POST /res/mycontroller/update
...
In my opinion, you are already using the right tool (actuator) to answer to your request.
Actuator gives you all the rest method running and you can configure it on your own, by disabling/enabling specific endpoints
If you have a look on the documentationprobably it can help you.
In any case, the default configuration of actuator display the endpoints (built-in in Intellij for your development).
I need to set a prefix for my controllers: /api. But this shouldn't impact the actuator endpoints eg /health. I know you can set the server.context-path but this will also impact the actuator endpoints. I know i can also put an annotation on each controller, but this could easily lead to problems when some other developer forgets it. So is there an easy way to have this prefix on each custom controller but not the spring boot actuator endpoints? Don't really car if it is with java config or some property that i haven't found yet.
Thanks
Is there an easy way to add a prefix to all the Actuator endpoints?
/env -> /secure/env
/health -> /secure/health
/info -> /secure/info
...
Jesper's answer is completely right, but I was looking for a more straightforward way of prefixing all endpoints, and it can be done with management.context-path, e.g.:
management:
context-path: /secure
-> /secure/env
-> /secure/health
...
According to current Spring-Boot documentation, the property to change is:
management.endpoints.web.base-path=/secure
Set the properties endpoints.{name}.path in your application.properties. For example:
endpoints.actuator.path=/secure/actuator
endpoints.env.path=/secure/env
endpoints.health.path=/secure/health
endpoints.info.path=/secure/info
To enable security on an endpoint, set endpoints.{name}.sensitive to true. For example:
endpoints.health.sensitive=true
See also Securing sensitive endpoints, Actuator Security and HTTP health endpoint access restrictions in the Spring Boot reference documentation if you want to secure the actuator endpoints of your application.
See Common application properties in the Spring Boot reference documentation for a list of common properties that you can set in application.properties.