diff --git a/spring-cloud-vault-config/src/main/java/org/springframework/cloud/vault/config/VaultConfigDataLoader.java b/spring-cloud-vault-config/src/main/java/org/springframework/cloud/vault/config/VaultConfigDataLoader.java index 27c89eb3b..39d191a56 100644 --- a/spring-cloud-vault-config/src/main/java/org/springframework/cloud/vault/config/VaultConfigDataLoader.java +++ b/spring-cloud-vault-config/src/main/java/org/springframework/cloud/vault/config/VaultConfigDataLoader.java @@ -252,7 +252,8 @@ private void registerSecretLeaseContainer(ConfigurableBootstrapContext bootstrap VaultConfiguration vaultConfiguration) { registerIfAbsent(bootstrap, "secretLeaseContainer", SecretLeaseContainer.class, ctx -> { - SessionManager sessionManager = ctx.get(SessionManager.class); + SessionManager sessionManager = ctx.isRegistered(SessionManager.class) ? ctx.get(SessionManager.class) + : null; SecretLeaseContainer container = vaultConfiguration.createSecretLeaseContainer(ctx.get(VaultTemplate.class), () -> ctx.get(TaskSchedulerWrapper.class).getTaskScheduler(), sessionManager); diff --git a/spring-cloud-vault-config/src/main/java/org/springframework/cloud/vault/config/VaultConfiguration.java b/spring-cloud-vault-config/src/main/java/org/springframework/cloud/vault/config/VaultConfiguration.java index b5c2bf6a8..4d79a8c03 100644 --- a/spring-cloud-vault-config/src/main/java/org/springframework/cloud/vault/config/VaultConfiguration.java +++ b/spring-cloud-vault-config/src/main/java/org/springframework/cloud/vault/config/VaultConfiguration.java @@ -24,6 +24,7 @@ import org.springframework.cloud.client.ServiceInstance; import org.springframework.cloud.vault.config.VaultProperties.Ssl; import org.springframework.http.client.ClientHttpRequestFactory; +import org.springframework.lang.Nullable; import org.springframework.scheduling.TaskScheduler; import org.springframework.scheduling.concurrent.ThreadPoolTaskScheduler; import org.springframework.util.StringUtils; @@ -182,7 +183,7 @@ SessionManager createSessionManager(ClientAuthentication clientAuthentication, } SecretLeaseContainer createSecretLeaseContainer(VaultOperations vaultOperations, - Supplier taskSchedulerSupplier, SessionManager sessionManager) { + Supplier taskSchedulerSupplier, @Nullable SessionManager sessionManager) { VaultProperties.ConfigLifecycle lifecycle = this.vaultProperties.getConfig().getLifecycle(); diff --git a/spring-cloud-vault-config/src/test/java/org/springframework/cloud/vault/config/VaultConfigDataLoaderIntegrationTests.java b/spring-cloud-vault-config/src/test/java/org/springframework/cloud/vault/config/VaultConfigDataLoaderIntegrationTests.java index 75f2596e3..94f1a65ab 100644 --- a/spring-cloud-vault-config/src/test/java/org/springframework/cloud/vault/config/VaultConfigDataLoaderIntegrationTests.java +++ b/spring-cloud-vault-config/src/test/java/org/springframework/cloud/vault/config/VaultConfigDataLoaderIntegrationTests.java @@ -63,6 +63,21 @@ public void shouldConsiderProfiles() { } } + @Test + public void shouldConsiderNoAuthentication() { + + SpringApplication application = new SpringApplication(Config.class); + application.setWebApplicationType(WebApplicationType.NONE); + + try (ConfigurableApplicationContext context = application.run("--spring.application.name=my-config-loader", + "--spring.config.import=vault:", "--spring.cloud.vault.authentication=NONE")) { + + // while the Vault startup leads to Status 403 Forbidden [secret/application], + // we expect that the application can still boot up. + assertThat(context).isNotNull(); + } + } + @Test public void vaultLocationEndingWithSlashShouldFail() {