What is the proper way using random ports so security configuration is reliably applied? #12256
Unanswered
pskowronek
asked this question in
Q&A
Replies: 2 comments
-
|
Anyone? |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
This looks like a valid concern. Using: micronaut:
server:
port: -1 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
When using
port: -1for endpoints, the security configuration is not properly set. Micronaut has also${random.port}which works better with security configuration, but imho is not 100% reliable (the port can already be taken - race condition).Both ways of setting random port are stated in the documentation, but what worries me the most is that
-1may not properly set the security for endpoint, because apparently the filtering done in EndpointsFilter.java is using port from configuration not the real/final one chosen by netty.More details can be found in my comment to this bug: #9822
Beta Was this translation helpful? Give feedback.
All reactions