SpringBoot disable Actuator root











up vote
1
down vote

favorite
1












i'm using springboot and i'm exposing metrics with actuator and prometheus. I want to expose "info", "health", "metrics", "prometheus", "shutdown" and nothing more. But even if i specify into the application properties, what i see is that even the root "/actuator" is exposed.



I would like to disable the root actuator and have only the 5 member that I said previously.



Is there a way to don't expose only the /actuator endpoint? I've also tried in application properties doing like this:



management.endpoints.web.exposure.exclude=actuator


That is the list of the exposed actuator:



{

"_links": {

"self": {

"href": "http://localhost:9002/actuator",

"templated": false

},

"health-component-instance": {

"href": "http://localhost:9002/actuator/health/{component}/{instance}",

"templated": true

},

"health-component": {

"href": "http://localhost:9002/actuator/health/{component}",

"templated": true

},

"health": {

"href": "http://localhost:9002/actuator/health",

"templated": false

},

"shutdown": {

"href": "http://localhost:9002/actuator/shutdown",

"templated": false

},

"info": {

"href": "http://localhost:9002/actuator/info",

"templated": false

},

"prometheus": {

"href": "http://localhost:9002/actuator/prometheus",

"templated": false

},

"metrics-requiredMetricName": {

"href": "http://localhost:9002/actuator/metrics/{requiredMetricName}",

"templated": true

},

"metrics": {

"href": "http://localhost:9002/actuator/metrics",

"templated": false

}

}

}





java spring spring-boot openshift prometheus







share|improve this question




















  • 1




    No there isn't as /actuator is the main entry point for all other actuators.
    – M. Deinum
    Nov 7 at 14:02















up vote
1
down vote

favorite
1












i'm using springboot and i'm exposing metrics with actuator and prometheus. I want to expose "info", "health", "metrics", "prometheus", "shutdown" and nothing more. But even if i specify into the application properties, what i see is that even the root "/actuator" is exposed.



I would like to disable the root actuator and have only the 5 member that I said previously.



Is there a way to don't expose only the /actuator endpoint? I've also tried in application properties doing like this:



management.endpoints.web.exposure.exclude=actuator


That is the list of the exposed actuator:



{

"_links": {

"self": {

"href": "http://localhost:9002/actuator",

"templated": false

},

"health-component-instance": {

"href": "http://localhost:9002/actuator/health/{component}/{instance}",

"templated": true

},

"health-component": {

"href": "http://localhost:9002/actuator/health/{component}",

"templated": true

},

"health": {

"href": "http://localhost:9002/actuator/health",

"templated": false

},

"shutdown": {

"href": "http://localhost:9002/actuator/shutdown",

"templated": false

},

"info": {

"href": "http://localhost:9002/actuator/info",

"templated": false

},

"prometheus": {

"href": "http://localhost:9002/actuator/prometheus",

"templated": false

},

"metrics-requiredMetricName": {

"href": "http://localhost:9002/actuator/metrics/{requiredMetricName}",

"templated": true

},

"metrics": {

"href": "http://localhost:9002/actuator/metrics",

"templated": false

}

}

}





java spring spring-boot openshift prometheus







share|improve this question




















  • 1




    No there isn't as /actuator is the main entry point for all other actuators.
    – M. Deinum
    Nov 7 at 14:02













up vote
1
down vote

favorite
1









up vote
1
down vote

favorite
1






1





i'm using springboot and i'm exposing metrics with actuator and prometheus. I want to expose "info", "health", "metrics", "prometheus", "shutdown" and nothing more. But even if i specify into the application properties, what i see is that even the root "/actuator" is exposed.



I would like to disable the root actuator and have only the 5 member that I said previously.



Is there a way to don't expose only the /actuator endpoint? I've also tried in application properties doing like this:



management.endpoints.web.exposure.exclude=actuator


That is the list of the exposed actuator:



{

"_links": {

"self": {

"href": "http://localhost:9002/actuator",

"templated": false

},

"health-component-instance": {

"href": "http://localhost:9002/actuator/health/{component}/{instance}",

"templated": true

},

"health-component": {

"href": "http://localhost:9002/actuator/health/{component}",

"templated": true

},

"health": {

"href": "http://localhost:9002/actuator/health",

"templated": false

},

"shutdown": {

"href": "http://localhost:9002/actuator/shutdown",

"templated": false

},

"info": {

"href": "http://localhost:9002/actuator/info",

"templated": false

},

"prometheus": {

"href": "http://localhost:9002/actuator/prometheus",

"templated": false

},

"metrics-requiredMetricName": {

"href": "http://localhost:9002/actuator/metrics/{requiredMetricName}",

"templated": true

},

"metrics": {

"href": "http://localhost:9002/actuator/metrics",

"templated": false

}

}

}





java spring spring-boot openshift prometheus







share|improve this question















i'm using springboot and i'm exposing metrics with actuator and prometheus. I want to expose "info", "health", "metrics", "prometheus", "shutdown" and nothing more. But even if i specify into the application properties, what i see is that even the root "/actuator" is exposed.



I would like to disable the root actuator and have only the 5 member that I said previously.



Is there a way to don't expose only the /actuator endpoint? I've also tried in application properties doing like this:



management.endpoints.web.exposure.exclude=actuator


That is the list of the exposed actuator:



{

"_links": {

"self": {

"href": "http://localhost:9002/actuator",

"templated": false

},

"health-component-instance": {

"href": "http://localhost:9002/actuator/health/{component}/{instance}",

"templated": true

},

"health-component": {

"href": "http://localhost:9002/actuator/health/{component}",

"templated": true

},

"health": {

"href": "http://localhost:9002/actuator/health",

"templated": false

},

"shutdown": {

"href": "http://localhost:9002/actuator/shutdown",

"templated": false

},

"info": {

"href": "http://localhost:9002/actuator/info",

"templated": false

},

"prometheus": {

"href": "http://localhost:9002/actuator/prometheus",

"templated": false

},

"metrics-requiredMetricName": {

"href": "http://localhost:9002/actuator/metrics/{requiredMetricName}",

"templated": true

},

"metrics": {

"href": "http://localhost:9002/actuator/metrics",

"templated": false

}

}

}





java spring spring-boot openshift prometheus




java spring spring-boot openshift prometheus






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 7 at 17:00









Sofo Gial

13012




13012










asked Nov 7 at 13:46









osh arko

315




315








  • 1




    No there isn't as /actuator is the main entry point for all other actuators.
    – M. Deinum
    Nov 7 at 14:02














  • 1




    No there isn't as /actuator is the main entry point for all other actuators.
    – M. Deinum
    Nov 7 at 14:02








1




1




No there isn't as /actuator is the main entry point for all other actuators.
– M. Deinum
Nov 7 at 14:02




No there isn't as /actuator is the main entry point for all other actuators.
– M. Deinum
Nov 7 at 14:02












1 Answer
1






active

oldest

votes

















up vote
1
down vote













There is no configuration value for this. The best you can do right now is move the management base endpoint to /, in which case the discovery page is disabled to prevent clashing with other endpoints in your app:



https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-endpoints.html#production-ready-endpoints-hypermedia




When the management context path is set to /, the discovery page is disabled to prevent the possibility of a clash with other mappings.




If you're using Spring Security you can effectively hide the discovery page using something like this inside your own WebSecurityConfigurerAdapter:



@Override

protected void configure(HttpSecurity http) throws Exception

{

   http

      .authorizeRequests()

         .mvcMatchers("/actuator").denyAll()

         .mvcMatchers("/actuator/").denyAll()

}


This would deny all requests to the discovery page, but allow requests through to the individual exposed endpoints.



There is some discussion of the discovery page in this GitHub issue as well:



https://github.com/spring-projects/spring-boot/issues/10331






share|improve this answer























  • Hi mike, thanks for replying. i didn't understand how to override the actuator path. i tried exposing an api rest at the same path, but mine is not considered
    – osh arko
    Nov 7 at 14:27










  • Try setting management.endpoints.web.base-path=/
    – Mike
    Nov 7 at 14:32










  • Good, like this actuator is not expose. but now isn't there a way to expose the actuator under /actuator instead of the main root?
    – osh arko
    Nov 7 at 14:36






  • 1




    Correct, that's the downside I was pointing out: all the exposed endpoints are now under / instead of /actuator.
    – Mike
    Nov 7 at 14:38










  • I have added a spring security code sample for how to hide the discovery page while leaving the exposed endpoints working.
    – Mike
    Nov 7 at 14:48











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














 

draft saved


draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53190729%2fspringboot-disable-actuator-root%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
1
down vote













There is no configuration value for this. The best you can do right now is move the management base endpoint to /, in which case the discovery page is disabled to prevent clashing with other endpoints in your app:



https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-endpoints.html#production-ready-endpoints-hypermedia




When the management context path is set to /, the discovery page is disabled to prevent the possibility of a clash with other mappings.




If you're using Spring Security you can effectively hide the discovery page using something like this inside your own WebSecurityConfigurerAdapter:



@Override

protected void configure(HttpSecurity http) throws Exception

{

   http

      .authorizeRequests()

         .mvcMatchers("/actuator").denyAll()

         .mvcMatchers("/actuator/").denyAll()

}


This would deny all requests to the discovery page, but allow requests through to the individual exposed endpoints.



There is some discussion of the discovery page in this GitHub issue as well:



https://github.com/spring-projects/spring-boot/issues/10331






share|improve this answer























  • Hi mike, thanks for replying. i didn't understand how to override the actuator path. i tried exposing an api rest at the same path, but mine is not considered
    – osh arko
    Nov 7 at 14:27










  • Try setting management.endpoints.web.base-path=/
    – Mike
    Nov 7 at 14:32










  • Good, like this actuator is not expose. but now isn't there a way to expose the actuator under /actuator instead of the main root?
    – osh arko
    Nov 7 at 14:36






  • 1




    Correct, that's the downside I was pointing out: all the exposed endpoints are now under / instead of /actuator.
    – Mike
    Nov 7 at 14:38










  • I have added a spring security code sample for how to hide the discovery page while leaving the exposed endpoints working.
    – Mike
    Nov 7 at 14:48















up vote
1
down vote













There is no configuration value for this. The best you can do right now is move the management base endpoint to /, in which case the discovery page is disabled to prevent clashing with other endpoints in your app:



https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-endpoints.html#production-ready-endpoints-hypermedia




When the management context path is set to /, the discovery page is disabled to prevent the possibility of a clash with other mappings.




If you're using Spring Security you can effectively hide the discovery page using something like this inside your own WebSecurityConfigurerAdapter:



@Override

protected void configure(HttpSecurity http) throws Exception

{

   http

      .authorizeRequests()

         .mvcMatchers("/actuator").denyAll()

         .mvcMatchers("/actuator/").denyAll()

}


This would deny all requests to the discovery page, but allow requests through to the individual exposed endpoints.



There is some discussion of the discovery page in this GitHub issue as well:



https://github.com/spring-projects/spring-boot/issues/10331






share|improve this answer























  • Hi mike, thanks for replying. i didn't understand how to override the actuator path. i tried exposing an api rest at the same path, but mine is not considered
    – osh arko
    Nov 7 at 14:27










  • Try setting management.endpoints.web.base-path=/
    – Mike
    Nov 7 at 14:32










  • Good, like this actuator is not expose. but now isn't there a way to expose the actuator under /actuator instead of the main root?
    – osh arko
    Nov 7 at 14:36






  • 1




    Correct, that's the downside I was pointing out: all the exposed endpoints are now under / instead of /actuator.
    – Mike
    Nov 7 at 14:38










  • I have added a spring security code sample for how to hide the discovery page while leaving the exposed endpoints working.
    – Mike
    Nov 7 at 14:48













up vote
1
down vote










up vote
1
down vote









There is no configuration value for this. The best you can do right now is move the management base endpoint to /, in which case the discovery page is disabled to prevent clashing with other endpoints in your app:



https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-endpoints.html#production-ready-endpoints-hypermedia




When the management context path is set to /, the discovery page is disabled to prevent the possibility of a clash with other mappings.




If you're using Spring Security you can effectively hide the discovery page using something like this inside your own WebSecurityConfigurerAdapter:



@Override

protected void configure(HttpSecurity http) throws Exception

{

   http

      .authorizeRequests()

         .mvcMatchers("/actuator").denyAll()

         .mvcMatchers("/actuator/").denyAll()

}


This would deny all requests to the discovery page, but allow requests through to the individual exposed endpoints.



There is some discussion of the discovery page in this GitHub issue as well:



https://github.com/spring-projects/spring-boot/issues/10331






share|improve this answer














There is no configuration value for this. The best you can do right now is move the management base endpoint to /, in which case the discovery page is disabled to prevent clashing with other endpoints in your app:



https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-endpoints.html#production-ready-endpoints-hypermedia




When the management context path is set to /, the discovery page is disabled to prevent the possibility of a clash with other mappings.




If you're using Spring Security you can effectively hide the discovery page using something like this inside your own WebSecurityConfigurerAdapter:



@Override

protected void configure(HttpSecurity http) throws Exception

{

   http

      .authorizeRequests()

         .mvcMatchers("/actuator").denyAll()

         .mvcMatchers("/actuator/").denyAll()

}


This would deny all requests to the discovery page, but allow requests through to the individual exposed endpoints.



There is some discussion of the discovery page in this GitHub issue as well:



https://github.com/spring-projects/spring-boot/issues/10331







share|improve this answer














share|improve this answer



share|improve this answer








edited Nov 7 at 14:48

























answered Nov 7 at 14:05









Mike

1,174716




1,174716












  • Hi mike, thanks for replying. i didn't understand how to override the actuator path. i tried exposing an api rest at the same path, but mine is not considered
    – osh arko
    Nov 7 at 14:27










  • Try setting management.endpoints.web.base-path=/
    – Mike
    Nov 7 at 14:32










  • Good, like this actuator is not expose. but now isn't there a way to expose the actuator under /actuator instead of the main root?
    – osh arko
    Nov 7 at 14:36






  • 1




    Correct, that's the downside I was pointing out: all the exposed endpoints are now under / instead of /actuator.
    – Mike
    Nov 7 at 14:38










  • I have added a spring security code sample for how to hide the discovery page while leaving the exposed endpoints working.
    – Mike
    Nov 7 at 14:48


















  • Hi mike, thanks for replying. i didn't understand how to override the actuator path. i tried exposing an api rest at the same path, but mine is not considered
    – osh arko
    Nov 7 at 14:27










  • Try setting management.endpoints.web.base-path=/
    – Mike
    Nov 7 at 14:32










  • Good, like this actuator is not expose. but now isn't there a way to expose the actuator under /actuator instead of the main root?
    – osh arko
    Nov 7 at 14:36






  • 1




    Correct, that's the downside I was pointing out: all the exposed endpoints are now under / instead of /actuator.
    – Mike
    Nov 7 at 14:38










  • I have added a spring security code sample for how to hide the discovery page while leaving the exposed endpoints working.
    – Mike
    Nov 7 at 14:48
















Hi mike, thanks for replying. i didn't understand how to override the actuator path. i tried exposing an api rest at the same path, but mine is not considered
– osh arko
Nov 7 at 14:27




Hi mike, thanks for replying. i didn't understand how to override the actuator path. i tried exposing an api rest at the same path, but mine is not considered
– osh arko
Nov 7 at 14:27












Try setting management.endpoints.web.base-path=/
– Mike
Nov 7 at 14:32




Try setting management.endpoints.web.base-path=/
– Mike
Nov 7 at 14:32












Good, like this actuator is not expose. but now isn't there a way to expose the actuator under /actuator instead of the main root?
– osh arko
Nov 7 at 14:36




Good, like this actuator is not expose. but now isn't there a way to expose the actuator under /actuator instead of the main root?
– osh arko
Nov 7 at 14:36




1




1




Correct, that's the downside I was pointing out: all the exposed endpoints are now under / instead of /actuator.
– Mike
Nov 7 at 14:38




Correct, that's the downside I was pointing out: all the exposed endpoints are now under / instead of /actuator.
– Mike
Nov 7 at 14:38












I have added a spring security code sample for how to hide the discovery page while leaving the exposed endpoints working.
– Mike
Nov 7 at 14:48




I have added a spring security code sample for how to hide the discovery page while leaving the exposed endpoints working.
– Mike
Nov 7 at 14:48


















 

draft saved


draft discarded



















































 


draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53190729%2fspringboot-disable-actuator-root%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

這個網誌中的熱門文章

Xamarin.form Move up view when keyboard appear

圖片
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box; } 0 I'm trying to build a Chat app UI, the idea of the Layout was pretty simple: When the input bar is focused, keyboard show up and "push" up the chat bar, as it's a grid, the ListView will resize to fit the screen: I update the input bar's margin to "push" it up: NSValue result = (NSValue)args.Notification.UserInfo.ObjectForKey(new NSString(UIKeyboard.FrameEndUserInfoKey)); CGSize keyboardSize = result.RectangleFValue.Size; if (Element != null){ Element.Margin = new Thickness(0, 0, 0,keyboardSize.Height); //push the entry up to keyboard height when keyboard is activated } And this is ...
閱讀完整內容

Post-Redirect-Get with Spring WebFlux and Thymeleaf

圖片
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box; } 2 Can someone explain to me how to implement the post-redirect-get pattern in Spring WebFlux and Thymeleaf? What subscribes on the database save method? @GetMapping("/register") public String showRegisterForm(Model model) { model.addAttribute("user", new User()); return "register"; } @PostMapping public String processRegisterForm(@Valid User user, BindingResult bindingResult) { if (bindingResult.hasErrors()) { return "register"; } else { userRepository.save(user); //what subscribes on this? //how to redirect on e.g. "/login"? ...
閱讀完整內容

Anylogic : not able to use stopDelay()

圖片
-2 I am building a railway station model. I want a train to depart when I click a button. I want to call stopDelay() for that but I am not sure how to do that and from which place. anylogic share | improve this question asked Nov 23 '18 at 10:12 Anupam Singh Anupam Singh 1 Hi Anupam, welcome to SOF. Please check how to ask good questions, see link below. Your question is...
閱讀完整內容