New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
POST to http://localhost:8080/refresh results in 401 Unauthorized #5
Comments
Possibly due to 1.5.1 locking down actuator by default. Comments @dsyer? |
Yes that would be it. I guess we need |
|
Thanks |
management.security.enabled=false |
So anyone can restart your service from your endpoint! |
Don't do that! Anyone who guess ip and port of your microservice could take the control! For example he can see your configprops calling /actuator/configprops, or inspect the env and other stuff! |
The Spring guide says that we should be able to refresh the client by sending a POST request to http://localhost:8080/refresh but doing so will result in an unauthorized 401 response.
$ curl -X POST http://localhost:8080/refresh {"timestamp":1487113045770,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource.","path":"/refresh"}
The text was updated successfully, but these errors were encountered: