POST to http://localhost:8080/refresh results in 401 Unauthorized

[ziadloo]

The Spring guide says that we should be able to refresh the client by sending a POST request to http://localhost:8080/refresh but doing so will result in an unauthorized 401 response.

$ curl -X POST http://localhost:8080/refresh {"timestamp":1487113045770,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource.","path":"/refresh"}

[gregturn]

Possibly due to 1.5.1 locking down actuator by default. Comments @dsyer?

[dsyer]

Yes that would be it. I guess we need management.security.enabled=false for this guide.

[Cepr0]

we need management.security.enabled=false for this guide.
Thanks @dsyer, that helped!

[alibaseit]

Thanks
management.security.enabled=false
solved my problem too.

[dulipchandana]

management.security.enabled=false

[mahamafzar]

management.security.enabled=false

So anyone can restart your service from your endpoint!

[robertomanfreda]

Yes that would be it. I guess we need management.security.enabled=false for this guide.

Don't do that! Anyone who guess ip and port of your microservice could take the control! For example he can see your configprops calling /actuator/configprops, or inspect the env and other stuff!