You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are using spring-boot-actuator-autoconfigure:3.2.4 in a CloudFoundry environment having: spring.main.cloud-platform=cloud_foundry
During Startup of the application we get the following warning:
WARN [,,] 22320 --- [ main] o.s.s.c.a.web.builders.WebSecurity : You are asking Spring Security to ignore Or [Ant [pattern='/cloudfoundryapplication/beans/**'], Ant [pattern='/cloudfoundryapplication/caches/**'], Ant [pattern='/cloudfoundryapplication/health/**'], Ant [pattern='/cloudfoundryapplication/info/**'], Ant [pattern='/cloudfoundryapplication/conditions/**'], Ant [pattern='/cloudfoundryapplication/configprops/**'], Ant [pattern='/cloudfoundryapplication/env/**'], Ant [pattern='/cloudfoundryapplication/loggers/**'], Ant [pattern='/cloudfoundryapplication/heapdump/**'], Ant [pattern='/cloudfoundryapplication/threaddump/**'], Ant [pattern='/cloudfoundryapplication/metrics/**'], Ant [pattern='/cloudfoundryapplication/scheduledtasks/**'], Ant [pattern='/cloudfoundryapplication/mappings/**'], Ant [pattern='/cloudfoundryapplication'], Ant [pattern='/cloudfoundryapplication/']]. This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.
It seems that the problem lies in the following class that uses web.ignoring().requestMatchers(...) org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundryActuatorAutoConfiguration#IgnoredCloudFoundryPathsWebSecurityCustomizer
I guess the solution would be as you proposed it yourselves: This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.
Thanks for all the great work.
The text was updated successfully, but these errors were encountered:
mpstadler
changed the title
CloudFoundryActuatorAutoConfiguration
CloudFoundryActuatorAutoConfiguration produces a Warning
Apr 16, 2024
Hi
We are using spring-boot-actuator-autoconfigure:3.2.4 in a CloudFoundry environment having:
spring.main.cloud-platform=cloud_foundry
During Startup of the application we get the following warning:
It seems that the problem lies in the following class that uses
web.ignoring().requestMatchers(...)
org.springframework.boot.actuate.autoconfigure.cloudfoundry.servlet.CloudFoundryActuatorAutoConfiguration#IgnoredCloudFoundryPathsWebSecurityCustomizer
I guess the solution would be as you proposed it yourselves:
This is not recommended -- please use permitAll via HttpSecurity#authorizeHttpRequests instead.
Thanks for all the great work.
The text was updated successfully, but these errors were encountered: