Spring Boot Admin Page Client Open Endpoints

0

I have a spring boot admin server. Here are the files for the server:

pom.xml

<parent>

    <groupId>org.springframework.boot</groupId>

    <artifactId>spring-boot-starter-parent</artifactId>

    <version>1.5.17.RELEASE</version>

    <relativePath/> <!-- lookup parent from repository -->

</parent>



<properties>

    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

    <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>

    <java.version>1.8</java.version>

    <spring-boot-admin.version>1.5.7</spring-boot-admin.version>

</properties>



<dependencies>

    <dependency>

        <groupId>de.codecentric</groupId>

        <artifactId>spring-boot-admin-server</artifactId>

    </dependency>

    <dependency>

        <groupId>de.codecentric</groupId>

        <artifactId>spring-boot-admin-server-ui</artifactId>

    </dependency>

    <dependency>

        <groupId>de.codecentric</groupId>

        <artifactId>spring-boot-admin-server-ui-login</artifactId>

    </dependency>

    <dependency>

        <groupId>org.springframework.boot</groupId>

        <artifactId>spring-boot-starter-security</artifactId>

    </dependency>

</dependencies>



<dependencyManagement>

    <dependencies>

        <dependency>

            <groupId>de.codecentric</groupId>

            <artifactId>spring-boot-admin-dependencies</artifactId>

            <version>${spring-boot-admin.version}</version>

            <type>pom</type>

            <scope>import</scope>

        </dependency>

    </dependencies>

</dependencyManagement>



<build>

    <plugins>

        <plugin>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-maven-plugin</artifactId>

        </plugin>

    </plugins>

</build>

application.properties

spring.application.name=spring-boot-admin-server



security.user.name=admin

security.user.password=admin

server.port = 9090

WebSecurityConfig.java

@Configuration

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {



    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http

                .formLogin()

                .loginPage("/login.html")

                .loginProcessingUrl("/login")

                .permitAll();

        http

                .logout().logoutUrl("/logout");

        http

                .csrf().disable();

        http

                .authorizeRequests()

                .antMatchers("/login.html", "/**/*.css", "/img/**", "/third-party/**")

                .permitAll();

        http

                .authorizeRequests()

                .antMatchers("/**")

                .authenticated();

        http.httpBasic();

    }

}

The server is up and running and accessible at localhost:9090. But when I start my client application, it registers to the server but none of the endpoints are accessible because of security I presume.

Here's what the admin page looks like:

For some reason the application always shows as DOWN. I get this error in the server console:

2018-11-21 15:02:21.475  INFO 1893 --- [    updateTask1] d.c.boot.admin.registry.StatusUpdater    : Couldn't retrieve info for Application [id=d83f0885, name=PETE, managementUrl=http://localhost:8081/demo/, healthUrl=http://localhost:8081/demo/health/, serviceUrl=http://localhost:8081/demo/]: 403 - {timestamp=1542834141473, status=403, error=Forbidden, message=Access Denied, path=/demo/login}

My demo application is a web app with a login page. It has the following dependencies:

<dependency>

    <groupId>org.springframework.boot</groupId>

    <artifactId>spring-boot-starter-actuator</artifactId>

</dependency>

<dependency>

    <groupId>org.springframework.boot</groupId>

    <artifactId>spring-boot-starter-hateoas</artifactId>

</dependency>

<dependency>

    <groupId>de.codecentric</groupId>

    <artifactId>spring-boot-admin-starter-client</artifactId>

    <version>1.5.7</version>

</dependency>

It has spring boot security, here's the security config class:

@EnableWebSecurity

@EnableGlobalMethodSecurity(prePostEnabled = true)

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

  @Autowired

  private AuthenticationManager authenticationManager;

  @Autowired

  private AuthenticationFailureHandler failureHandler;

  @Autowired

  private JwtAuthenticationProvider jwtAuthenticationProvider;

  @Autowired

  private Environment env;



    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http.csrf().disable()

                .addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(),

                        UsernamePasswordAuthenticationFilter.class)

                .logout().invalidateHttpSession(true).deleteCookies("token", "JSESSIONID")

                .logoutSuccessUrl(Routes.LOGOUT.getValue()).and().exceptionHandling().accessDeniedPage("/403");

        // Disable HSTS so that "proceed anyways" works for SSL certs

        http.headers().httpStrictTransportSecurity().disable();

    }



    protected JwtTokenAuthenticationProcessingFilter buildJwtTokenAuthenticationProcessingFilter() throws Exception {

        List<String> pathsToSkip = Arrays.asList("/login", "/loginPost", "/login-failure", "/error",

                "/**/*.js", "/**/*.png", "/**/*.css", "/**/*.woff*", "/**/*.ttf");

        SkipPathRequestMatcher matcher = new SkipPathRequestMatcher(pathsToSkip, "/**");

        JwtTokenAuthenticationProcessingFilter filter = new JwtTokenAuthenticationProcessingFilter(failureHandler,

                matcher, env);

        filter.setAuthenticationManager(this.authenticationManager);

        return filter;

    }



    @Bean

    @Override

    public AuthenticationManager authenticationManagerBean() throws Exception {

        return super.authenticationManagerBean();

    }



    @Override

    protected void configure(AuthenticationManagerBuilder auth) {

        auth.authenticationProvider(jwtAuthenticationProvider);

    }



    @Bean(name = "loginAuthenticationRestTemplateBean")

    RestTemplate restTemplate() {

        return new RestTemplate();

    }

}

What do I need to do client side to open up the actuator endpoints so the admin page can access them and show proper status.

Edit 1: There's another error in the admin server console:

org.springframework.web.client.RestClientException: Could not extract response: no suitable HttpMessageConverter found for response type [interface java.util.Map] and content type [text/html;charset=UTF-8]

    at org.springframework.web.client.HttpMessageConverterExtractor.extractData(HttpMessageConverterExtractor.java:110) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate$ResponseEntityResponseExtractor.extractData(RestTemplate.java:932) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate$ResponseEntityResponseExtractor.extractData(RestTemplate.java:916) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:663) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:636) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:557) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at de.codecentric.boot.admin.web.client.ApplicationOperations.doGet(ApplicationOperations.java:68) ~[spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.web.client.ApplicationOperations.getHealth(ApplicationOperations.java:58) ~[spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.registry.StatusUpdater.queryStatus(StatusUpdater.java:111) [spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.registry.StatusUpdater.updateStatus(StatusUpdater.java:65) [spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.registry.StatusUpdateApplicationListener$1.run(StatusUpdateApplicationListener.java:47) [spring-boot-admin-server-1.5.7.jar:na]

    at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) [spring-context-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [na:1.8.0_121]

    at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266) [na:1.8.0_121]

    at java.util.concurrent.FutureTask.run(FutureTask.java) [na:1.8.0_121]

    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) [na:1.8.0_121]

    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) [na:1.8.0_121]

    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_121]

    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_121]

    at java.lang.Thread.run(Thread.java:745) [na:1.8.0_121]

I tried adding adding this message converter:

@Configuration

public class WebMvcConfig extends WebMvcConfigurerAdapter {

    /**

     * {@inheritDoc}

     * <p>This implementation is empty.

     *

     * @param converters

     */

    @Override

    public void extendMessageConverters(List<HttpMessageConverter<?>> converters) {

        List<HttpMessageConverter<?>> newConverters = converters.stream().filter(c -> !(c instanceof MappingJackson2HttpMessageConverter)).collect(Collectors.toList());

        MappingJackson2HttpMessageConverter converter = new MappingJackson2HttpMessageConverter();

        // Note: here we are making this converter to process any kind of response,

        // not only application/*json, which is the default behaviour

        converter.setSupportedMediaTypes(Collections.singletonList(MediaType.ALL));

        newConverters.add(converter);



        converters.clear();

        converters.addAll(newConverters);

    }

}

Still same error.

java spring maven spring-boot spring-boot-admin

share|improve this question

edited Nov 21 '18 at 21:48

Richard

asked Nov 21 '18 at 21:19

RichardRichard

5211668135

add a comment | 

0

I have a spring boot admin server. Here are the files for the server:

pom.xml

<parent>

    <groupId>org.springframework.boot</groupId>

    <artifactId>spring-boot-starter-parent</artifactId>

    <version>1.5.17.RELEASE</version>

    <relativePath/> <!-- lookup parent from repository -->

</parent>



<properties>

    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

    <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>

    <java.version>1.8</java.version>

    <spring-boot-admin.version>1.5.7</spring-boot-admin.version>

</properties>



<dependencies>

    <dependency>

        <groupId>de.codecentric</groupId>

        <artifactId>spring-boot-admin-server</artifactId>

    </dependency>

    <dependency>

        <groupId>de.codecentric</groupId>

        <artifactId>spring-boot-admin-server-ui</artifactId>

    </dependency>

    <dependency>

        <groupId>de.codecentric</groupId>

        <artifactId>spring-boot-admin-server-ui-login</artifactId>

    </dependency>

    <dependency>

        <groupId>org.springframework.boot</groupId>

        <artifactId>spring-boot-starter-security</artifactId>

    </dependency>

</dependencies>



<dependencyManagement>

    <dependencies>

        <dependency>

            <groupId>de.codecentric</groupId>

            <artifactId>spring-boot-admin-dependencies</artifactId>

            <version>${spring-boot-admin.version}</version>

            <type>pom</type>

            <scope>import</scope>

        </dependency>

    </dependencies>

</dependencyManagement>



<build>

    <plugins>

        <plugin>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-maven-plugin</artifactId>

        </plugin>

    </plugins>

</build>

application.properties

spring.application.name=spring-boot-admin-server



security.user.name=admin

security.user.password=admin

server.port = 9090

WebSecurityConfig.java

@Configuration

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {



    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http

                .formLogin()

                .loginPage("/login.html")

                .loginProcessingUrl("/login")

                .permitAll();

        http

                .logout().logoutUrl("/logout");

        http

                .csrf().disable();

        http

                .authorizeRequests()

                .antMatchers("/login.html", "/**/*.css", "/img/**", "/third-party/**")

                .permitAll();

        http

                .authorizeRequests()

                .antMatchers("/**")

                .authenticated();

        http.httpBasic();

    }

}

The server is up and running and accessible at localhost:9090. But when I start my client application, it registers to the server but none of the endpoints are accessible because of security I presume.

Here's what the admin page looks like:

For some reason the application always shows as DOWN. I get this error in the server console:

2018-11-21 15:02:21.475  INFO 1893 --- [    updateTask1] d.c.boot.admin.registry.StatusUpdater    : Couldn't retrieve info for Application [id=d83f0885, name=PETE, managementUrl=http://localhost:8081/demo/, healthUrl=http://localhost:8081/demo/health/, serviceUrl=http://localhost:8081/demo/]: 403 - {timestamp=1542834141473, status=403, error=Forbidden, message=Access Denied, path=/demo/login}

My demo application is a web app with a login page. It has the following dependencies:

<dependency>

    <groupId>org.springframework.boot</groupId>

    <artifactId>spring-boot-starter-actuator</artifactId>

</dependency>

<dependency>

    <groupId>org.springframework.boot</groupId>

    <artifactId>spring-boot-starter-hateoas</artifactId>

</dependency>

<dependency>

    <groupId>de.codecentric</groupId>

    <artifactId>spring-boot-admin-starter-client</artifactId>

    <version>1.5.7</version>

</dependency>

It has spring boot security, here's the security config class:

@EnableWebSecurity

@EnableGlobalMethodSecurity(prePostEnabled = true)

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

  @Autowired

  private AuthenticationManager authenticationManager;

  @Autowired

  private AuthenticationFailureHandler failureHandler;

  @Autowired

  private JwtAuthenticationProvider jwtAuthenticationProvider;

  @Autowired

  private Environment env;



    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http.csrf().disable()

                .addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(),

                        UsernamePasswordAuthenticationFilter.class)

                .logout().invalidateHttpSession(true).deleteCookies("token", "JSESSIONID")

                .logoutSuccessUrl(Routes.LOGOUT.getValue()).and().exceptionHandling().accessDeniedPage("/403");

        // Disable HSTS so that "proceed anyways" works for SSL certs

        http.headers().httpStrictTransportSecurity().disable();

    }



    protected JwtTokenAuthenticationProcessingFilter buildJwtTokenAuthenticationProcessingFilter() throws Exception {

        List<String> pathsToSkip = Arrays.asList("/login", "/loginPost", "/login-failure", "/error",

                "/**/*.js", "/**/*.png", "/**/*.css", "/**/*.woff*", "/**/*.ttf");

        SkipPathRequestMatcher matcher = new SkipPathRequestMatcher(pathsToSkip, "/**");

        JwtTokenAuthenticationProcessingFilter filter = new JwtTokenAuthenticationProcessingFilter(failureHandler,

                matcher, env);

        filter.setAuthenticationManager(this.authenticationManager);

        return filter;

    }



    @Bean

    @Override

    public AuthenticationManager authenticationManagerBean() throws Exception {

        return super.authenticationManagerBean();

    }



    @Override

    protected void configure(AuthenticationManagerBuilder auth) {

        auth.authenticationProvider(jwtAuthenticationProvider);

    }



    @Bean(name = "loginAuthenticationRestTemplateBean")

    RestTemplate restTemplate() {

        return new RestTemplate();

    }

}

What do I need to do client side to open up the actuator endpoints so the admin page can access them and show proper status.

Edit 1: There's another error in the admin server console:

org.springframework.web.client.RestClientException: Could not extract response: no suitable HttpMessageConverter found for response type [interface java.util.Map] and content type [text/html;charset=UTF-8]

    at org.springframework.web.client.HttpMessageConverterExtractor.extractData(HttpMessageConverterExtractor.java:110) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate$ResponseEntityResponseExtractor.extractData(RestTemplate.java:932) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate$ResponseEntityResponseExtractor.extractData(RestTemplate.java:916) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:663) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:636) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:557) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at de.codecentric.boot.admin.web.client.ApplicationOperations.doGet(ApplicationOperations.java:68) ~[spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.web.client.ApplicationOperations.getHealth(ApplicationOperations.java:58) ~[spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.registry.StatusUpdater.queryStatus(StatusUpdater.java:111) [spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.registry.StatusUpdater.updateStatus(StatusUpdater.java:65) [spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.registry.StatusUpdateApplicationListener$1.run(StatusUpdateApplicationListener.java:47) [spring-boot-admin-server-1.5.7.jar:na]

    at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) [spring-context-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [na:1.8.0_121]

    at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266) [na:1.8.0_121]

    at java.util.concurrent.FutureTask.run(FutureTask.java) [na:1.8.0_121]

    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) [na:1.8.0_121]

    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) [na:1.8.0_121]

    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_121]

    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_121]

    at java.lang.Thread.run(Thread.java:745) [na:1.8.0_121]

I tried adding adding this message converter:

@Configuration

public class WebMvcConfig extends WebMvcConfigurerAdapter {

    /**

     * {@inheritDoc}

     * <p>This implementation is empty.

     *

     * @param converters

     */

    @Override

    public void extendMessageConverters(List<HttpMessageConverter<?>> converters) {

        List<HttpMessageConverter<?>> newConverters = converters.stream().filter(c -> !(c instanceof MappingJackson2HttpMessageConverter)).collect(Collectors.toList());

        MappingJackson2HttpMessageConverter converter = new MappingJackson2HttpMessageConverter();

        // Note: here we are making this converter to process any kind of response,

        // not only application/*json, which is the default behaviour

        converter.setSupportedMediaTypes(Collections.singletonList(MediaType.ALL));

        newConverters.add(converter);



        converters.clear();

        converters.addAll(newConverters);

    }

}

Still same error.

java spring maven spring-boot spring-boot-admin

share|improve this question

edited Nov 21 '18 at 21:48

Richard

asked Nov 21 '18 at 21:19

RichardRichard

5211668135

add a comment | 

0

0

0

I have a spring boot admin server. Here are the files for the server:

pom.xml

<parent>

    <groupId>org.springframework.boot</groupId>

    <artifactId>spring-boot-starter-parent</artifactId>

    <version>1.5.17.RELEASE</version>

    <relativePath/> <!-- lookup parent from repository -->

</parent>



<properties>

    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

    <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>

    <java.version>1.8</java.version>

    <spring-boot-admin.version>1.5.7</spring-boot-admin.version>

</properties>



<dependencies>

    <dependency>

        <groupId>de.codecentric</groupId>

        <artifactId>spring-boot-admin-server</artifactId>

    </dependency>

    <dependency>

        <groupId>de.codecentric</groupId>

        <artifactId>spring-boot-admin-server-ui</artifactId>

    </dependency>

    <dependency>

        <groupId>de.codecentric</groupId>

        <artifactId>spring-boot-admin-server-ui-login</artifactId>

    </dependency>

    <dependency>

        <groupId>org.springframework.boot</groupId>

        <artifactId>spring-boot-starter-security</artifactId>

    </dependency>

</dependencies>



<dependencyManagement>

    <dependencies>

        <dependency>

            <groupId>de.codecentric</groupId>

            <artifactId>spring-boot-admin-dependencies</artifactId>

            <version>${spring-boot-admin.version}</version>

            <type>pom</type>

            <scope>import</scope>

        </dependency>

    </dependencies>

</dependencyManagement>



<build>

    <plugins>

        <plugin>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-maven-plugin</artifactId>

        </plugin>

    </plugins>

</build>

application.properties

spring.application.name=spring-boot-admin-server



security.user.name=admin

security.user.password=admin

server.port = 9090

WebSecurityConfig.java

@Configuration

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {



    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http

                .formLogin()

                .loginPage("/login.html")

                .loginProcessingUrl("/login")

                .permitAll();

        http

                .logout().logoutUrl("/logout");

        http

                .csrf().disable();

        http

                .authorizeRequests()

                .antMatchers("/login.html", "/**/*.css", "/img/**", "/third-party/**")

                .permitAll();

        http

                .authorizeRequests()

                .antMatchers("/**")

                .authenticated();

        http.httpBasic();

    }

}

The server is up and running and accessible at localhost:9090. But when I start my client application, it registers to the server but none of the endpoints are accessible because of security I presume.

Here's what the admin page looks like:

For some reason the application always shows as DOWN. I get this error in the server console:

2018-11-21 15:02:21.475  INFO 1893 --- [    updateTask1] d.c.boot.admin.registry.StatusUpdater    : Couldn't retrieve info for Application [id=d83f0885, name=PETE, managementUrl=http://localhost:8081/demo/, healthUrl=http://localhost:8081/demo/health/, serviceUrl=http://localhost:8081/demo/]: 403 - {timestamp=1542834141473, status=403, error=Forbidden, message=Access Denied, path=/demo/login}

My demo application is a web app with a login page. It has the following dependencies:

<dependency>

    <groupId>org.springframework.boot</groupId>

    <artifactId>spring-boot-starter-actuator</artifactId>

</dependency>

<dependency>

    <groupId>org.springframework.boot</groupId>

    <artifactId>spring-boot-starter-hateoas</artifactId>

</dependency>

<dependency>

    <groupId>de.codecentric</groupId>

    <artifactId>spring-boot-admin-starter-client</artifactId>

    <version>1.5.7</version>

</dependency>

It has spring boot security, here's the security config class:

@EnableWebSecurity

@EnableGlobalMethodSecurity(prePostEnabled = true)

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

  @Autowired

  private AuthenticationManager authenticationManager;

  @Autowired

  private AuthenticationFailureHandler failureHandler;

  @Autowired

  private JwtAuthenticationProvider jwtAuthenticationProvider;

  @Autowired

  private Environment env;



    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http.csrf().disable()

                .addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(),

                        UsernamePasswordAuthenticationFilter.class)

                .logout().invalidateHttpSession(true).deleteCookies("token", "JSESSIONID")

                .logoutSuccessUrl(Routes.LOGOUT.getValue()).and().exceptionHandling().accessDeniedPage("/403");

        // Disable HSTS so that "proceed anyways" works for SSL certs

        http.headers().httpStrictTransportSecurity().disable();

    }



    protected JwtTokenAuthenticationProcessingFilter buildJwtTokenAuthenticationProcessingFilter() throws Exception {

        List<String> pathsToSkip = Arrays.asList("/login", "/loginPost", "/login-failure", "/error",

                "/**/*.js", "/**/*.png", "/**/*.css", "/**/*.woff*", "/**/*.ttf");

        SkipPathRequestMatcher matcher = new SkipPathRequestMatcher(pathsToSkip, "/**");

        JwtTokenAuthenticationProcessingFilter filter = new JwtTokenAuthenticationProcessingFilter(failureHandler,

                matcher, env);

        filter.setAuthenticationManager(this.authenticationManager);

        return filter;

    }



    @Bean

    @Override

    public AuthenticationManager authenticationManagerBean() throws Exception {

        return super.authenticationManagerBean();

    }



    @Override

    protected void configure(AuthenticationManagerBuilder auth) {

        auth.authenticationProvider(jwtAuthenticationProvider);

    }



    @Bean(name = "loginAuthenticationRestTemplateBean")

    RestTemplate restTemplate() {

        return new RestTemplate();

    }

}

What do I need to do client side to open up the actuator endpoints so the admin page can access them and show proper status.

Edit 1: There's another error in the admin server console:

org.springframework.web.client.RestClientException: Could not extract response: no suitable HttpMessageConverter found for response type [interface java.util.Map] and content type [text/html;charset=UTF-8]

    at org.springframework.web.client.HttpMessageConverterExtractor.extractData(HttpMessageConverterExtractor.java:110) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate$ResponseEntityResponseExtractor.extractData(RestTemplate.java:932) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate$ResponseEntityResponseExtractor.extractData(RestTemplate.java:916) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:663) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:636) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:557) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at de.codecentric.boot.admin.web.client.ApplicationOperations.doGet(ApplicationOperations.java:68) ~[spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.web.client.ApplicationOperations.getHealth(ApplicationOperations.java:58) ~[spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.registry.StatusUpdater.queryStatus(StatusUpdater.java:111) [spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.registry.StatusUpdater.updateStatus(StatusUpdater.java:65) [spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.registry.StatusUpdateApplicationListener$1.run(StatusUpdateApplicationListener.java:47) [spring-boot-admin-server-1.5.7.jar:na]

    at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) [spring-context-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [na:1.8.0_121]

    at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266) [na:1.8.0_121]

    at java.util.concurrent.FutureTask.run(FutureTask.java) [na:1.8.0_121]

    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) [na:1.8.0_121]

    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) [na:1.8.0_121]

    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_121]

    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_121]

    at java.lang.Thread.run(Thread.java:745) [na:1.8.0_121]

I tried adding adding this message converter:

@Configuration

public class WebMvcConfig extends WebMvcConfigurerAdapter {

    /**

     * {@inheritDoc}

     * <p>This implementation is empty.

     *

     * @param converters

     */

    @Override

    public void extendMessageConverters(List<HttpMessageConverter<?>> converters) {

        List<HttpMessageConverter<?>> newConverters = converters.stream().filter(c -> !(c instanceof MappingJackson2HttpMessageConverter)).collect(Collectors.toList());

        MappingJackson2HttpMessageConverter converter = new MappingJackson2HttpMessageConverter();

        // Note: here we are making this converter to process any kind of response,

        // not only application/*json, which is the default behaviour

        converter.setSupportedMediaTypes(Collections.singletonList(MediaType.ALL));

        newConverters.add(converter);



        converters.clear();

        converters.addAll(newConverters);

    }

}

Still same error.

java spring maven spring-boot spring-boot-admin

share|improve this question

edited Nov 21 '18 at 21:48

Richard

asked Nov 21 '18 at 21:19

RichardRichard

5211668135

I have a spring boot admin server. Here are the files for the server:

pom.xml

<parent>

    <groupId>org.springframework.boot</groupId>

    <artifactId>spring-boot-starter-parent</artifactId>

    <version>1.5.17.RELEASE</version>

    <relativePath/> <!-- lookup parent from repository -->

</parent>



<properties>

    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

    <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>

    <java.version>1.8</java.version>

    <spring-boot-admin.version>1.5.7</spring-boot-admin.version>

</properties>



<dependencies>

    <dependency>

        <groupId>de.codecentric</groupId>

        <artifactId>spring-boot-admin-server</artifactId>

    </dependency>

    <dependency>

        <groupId>de.codecentric</groupId>

        <artifactId>spring-boot-admin-server-ui</artifactId>

    </dependency>

    <dependency>

        <groupId>de.codecentric</groupId>

        <artifactId>spring-boot-admin-server-ui-login</artifactId>

    </dependency>

    <dependency>

        <groupId>org.springframework.boot</groupId>

        <artifactId>spring-boot-starter-security</artifactId>

    </dependency>

</dependencies>



<dependencyManagement>

    <dependencies>

        <dependency>

            <groupId>de.codecentric</groupId>

            <artifactId>spring-boot-admin-dependencies</artifactId>

            <version>${spring-boot-admin.version}</version>

            <type>pom</type>

            <scope>import</scope>

        </dependency>

    </dependencies>

</dependencyManagement>



<build>

    <plugins>

        <plugin>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-maven-plugin</artifactId>

        </plugin>

    </plugins>

</build>

application.properties

spring.application.name=spring-boot-admin-server



security.user.name=admin

security.user.password=admin

server.port = 9090

WebSecurityConfig.java

@Configuration

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {



    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http

                .formLogin()

                .loginPage("/login.html")

                .loginProcessingUrl("/login")

                .permitAll();

        http

                .logout().logoutUrl("/logout");

        http

                .csrf().disable();

        http

                .authorizeRequests()

                .antMatchers("/login.html", "/**/*.css", "/img/**", "/third-party/**")

                .permitAll();

        http

                .authorizeRequests()

                .antMatchers("/**")

                .authenticated();

        http.httpBasic();

    }

}

The server is up and running and accessible at localhost:9090. But when I start my client application, it registers to the server but none of the endpoints are accessible because of security I presume.

Here's what the admin page looks like:

For some reason the application always shows as DOWN. I get this error in the server console:

2018-11-21 15:02:21.475  INFO 1893 --- [    updateTask1] d.c.boot.admin.registry.StatusUpdater    : Couldn't retrieve info for Application [id=d83f0885, name=PETE, managementUrl=http://localhost:8081/demo/, healthUrl=http://localhost:8081/demo/health/, serviceUrl=http://localhost:8081/demo/]: 403 - {timestamp=1542834141473, status=403, error=Forbidden, message=Access Denied, path=/demo/login}

My demo application is a web app with a login page. It has the following dependencies:

<dependency>

    <groupId>org.springframework.boot</groupId>

    <artifactId>spring-boot-starter-actuator</artifactId>

</dependency>

<dependency>

    <groupId>org.springframework.boot</groupId>

    <artifactId>spring-boot-starter-hateoas</artifactId>

</dependency>

<dependency>

    <groupId>de.codecentric</groupId>

    <artifactId>spring-boot-admin-starter-client</artifactId>

    <version>1.5.7</version>

</dependency>

It has spring boot security, here's the security config class:

@EnableWebSecurity

@EnableGlobalMethodSecurity(prePostEnabled = true)

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

  @Autowired

  private AuthenticationManager authenticationManager;

  @Autowired

  private AuthenticationFailureHandler failureHandler;

  @Autowired

  private JwtAuthenticationProvider jwtAuthenticationProvider;

  @Autowired

  private Environment env;



    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http.csrf().disable()

                .addFilterBefore(buildJwtTokenAuthenticationProcessingFilter(),

                        UsernamePasswordAuthenticationFilter.class)

                .logout().invalidateHttpSession(true).deleteCookies("token", "JSESSIONID")

                .logoutSuccessUrl(Routes.LOGOUT.getValue()).and().exceptionHandling().accessDeniedPage("/403");

        // Disable HSTS so that "proceed anyways" works for SSL certs

        http.headers().httpStrictTransportSecurity().disable();

    }



    protected JwtTokenAuthenticationProcessingFilter buildJwtTokenAuthenticationProcessingFilter() throws Exception {

        List<String> pathsToSkip = Arrays.asList("/login", "/loginPost", "/login-failure", "/error",

                "/**/*.js", "/**/*.png", "/**/*.css", "/**/*.woff*", "/**/*.ttf");

        SkipPathRequestMatcher matcher = new SkipPathRequestMatcher(pathsToSkip, "/**");

        JwtTokenAuthenticationProcessingFilter filter = new JwtTokenAuthenticationProcessingFilter(failureHandler,

                matcher, env);

        filter.setAuthenticationManager(this.authenticationManager);

        return filter;

    }



    @Bean

    @Override

    public AuthenticationManager authenticationManagerBean() throws Exception {

        return super.authenticationManagerBean();

    }



    @Override

    protected void configure(AuthenticationManagerBuilder auth) {

        auth.authenticationProvider(jwtAuthenticationProvider);

    }



    @Bean(name = "loginAuthenticationRestTemplateBean")

    RestTemplate restTemplate() {

        return new RestTemplate();

    }

}

What do I need to do client side to open up the actuator endpoints so the admin page can access them and show proper status.

Edit 1: There's another error in the admin server console:

org.springframework.web.client.RestClientException: Could not extract response: no suitable HttpMessageConverter found for response type [interface java.util.Map] and content type [text/html;charset=UTF-8]

    at org.springframework.web.client.HttpMessageConverterExtractor.extractData(HttpMessageConverterExtractor.java:110) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate$ResponseEntityResponseExtractor.extractData(RestTemplate.java:932) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate$ResponseEntityResponseExtractor.extractData(RestTemplate.java:916) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:663) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:636) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:557) ~[spring-web-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at de.codecentric.boot.admin.web.client.ApplicationOperations.doGet(ApplicationOperations.java:68) ~[spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.web.client.ApplicationOperations.getHealth(ApplicationOperations.java:58) ~[spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.registry.StatusUpdater.queryStatus(StatusUpdater.java:111) [spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.registry.StatusUpdater.updateStatus(StatusUpdater.java:65) [spring-boot-admin-server-1.5.7.jar:na]

    at de.codecentric.boot.admin.registry.StatusUpdateApplicationListener$1.run(StatusUpdateApplicationListener.java:47) [spring-boot-admin-server-1.5.7.jar:na]

    at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) [spring-context-4.3.20.RELEASE.jar:4.3.20.RELEASE]

    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [na:1.8.0_121]

    at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266) [na:1.8.0_121]

    at java.util.concurrent.FutureTask.run(FutureTask.java) [na:1.8.0_121]

    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) [na:1.8.0_121]

    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) [na:1.8.0_121]

    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_121]

    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_121]

    at java.lang.Thread.run(Thread.java:745) [na:1.8.0_121]

I tried adding adding this message converter:

@Configuration

public class WebMvcConfig extends WebMvcConfigurerAdapter {

    /**

     * {@inheritDoc}

     * <p>This implementation is empty.

     *

     * @param converters

     */

    @Override

    public void extendMessageConverters(List<HttpMessageConverter<?>> converters) {

        List<HttpMessageConverter<?>> newConverters = converters.stream().filter(c -> !(c instanceof MappingJackson2HttpMessageConverter)).collect(Collectors.toList());

        MappingJackson2HttpMessageConverter converter = new MappingJackson2HttpMessageConverter();

        // Note: here we are making this converter to process any kind of response,

        // not only application/*json, which is the default behaviour

        converter.setSupportedMediaTypes(Collections.singletonList(MediaType.ALL));

        newConverters.add(converter);



        converters.clear();

        converters.addAll(newConverters);

    }

}

Still same error.

java spring maven spring-boot spring-boot-admin

java spring maven spring-boot spring-boot-admin

share|improve this question

edited Nov 21 '18 at 21:48

Richard

asked Nov 21 '18 at 21:19

RichardRichard

5211668135

share|improve this question

edited Nov 21 '18 at 21:48

Richard

asked Nov 21 '18 at 21:19

RichardRichard

5211668135

share|improve this question

share|improve this question

edited Nov 21 '18 at 21:48

Richard

edited Nov 21 '18 at 21:48

Richard

edited Nov 21 '18 at 21:48

Richard

asked Nov 21 '18 at 21:19

RichardRichard

5211668135

asked Nov 21 '18 at 21:19

RichardRichard

5211668135

asked Nov 21 '18 at 21:19

RichardRichard

5211668135

5211668135

add a comment | 

add a comment | 

1 Answer
1

active

oldest

votes

0

As per the this documentation just setting the below property should expose the actuator end points without security.

management.security.enabled=false

If still does not works out then you may need to modify your client side configure(HttpSecurity) method something like below

'''

        .authorizeRequests()

        .antMatchers("/actuator-end-points").permitAll()

        .and()

        .addFilterBefore(jwtTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)

'''

share|improve this answer

answered Nov 23 '18 at 17:48

bittubittu

367110

add a comment | 

Your Answer

StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

Thanks for contributing an answer to Stack Overflow!

• Please be sure to answer the question. Provide details and share your research!

But avoid …

• Asking for help, clarification, or responding to other answers.


• Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53420616%2fspring-boot-admin-page-client-open-endpoints%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

1 Answer
1

active

oldest

votes

1 Answer
1

active

oldest

votes

active

oldest

votes

active

oldest

votes

0

As per the this documentation just setting the below property should expose the actuator end points without security.

management.security.enabled=false

If still does not works out then you may need to modify your client side configure(HttpSecurity) method something like below

'''

        .authorizeRequests()

        .antMatchers("/actuator-end-points").permitAll()

        .and()

        .addFilterBefore(jwtTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)

'''

share|improve this answer

answered Nov 23 '18 at 17:48

bittubittu

367110

add a comment | 

0

As per the this documentation just setting the below property should expose the actuator end points without security.

management.security.enabled=false

If still does not works out then you may need to modify your client side configure(HttpSecurity) method something like below

'''

        .authorizeRequests()

        .antMatchers("/actuator-end-points").permitAll()

        .and()

        .addFilterBefore(jwtTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)

'''

share|improve this answer

answered Nov 23 '18 at 17:48

bittubittu

367110

add a comment | 

0

0

0

As per the this documentation just setting the below property should expose the actuator end points without security.

management.security.enabled=false

If still does not works out then you may need to modify your client side configure(HttpSecurity) method something like below

'''

        .authorizeRequests()

        .antMatchers("/actuator-end-points").permitAll()

        .and()

        .addFilterBefore(jwtTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)

'''

share|improve this answer

answered Nov 23 '18 at 17:48

bittubittu

367110

As per the this documentation just setting the below property should expose the actuator end points without security.

management.security.enabled=false

If still does not works out then you may need to modify your client side configure(HttpSecurity) method something like below

'''

        .authorizeRequests()

        .antMatchers("/actuator-end-points").permitAll()

        .and()

        .addFilterBefore(jwtTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)

'''

share|improve this answer

answered Nov 23 '18 at 17:48

bittubittu

367110

share|improve this answer

share|improve this answer

answered Nov 23 '18 at 17:48

bittubittu

367110

answered Nov 23 '18 at 17:48

bittubittu

367110

answered Nov 23 '18 at 17:48

bittubittu

367110

367110

add a comment | 

add a comment | 

Thanks for contributing an answer to Stack Overflow!

• Please be sure to answer the question. Provide details and share your research!

But avoid …

• Asking for help, clarification, or responding to other answers.


• Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.

draft saved

draft discarded

Thanks for contributing an answer to Stack Overflow!

• Please be sure to answer the question. Provide details and share your research!

But avoid …

• Asking for help, clarification, or responding to other answers.


• Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53420616%2fspring-boot-admin-page-client-open-endpoints%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

Name

Name

Email

Required, but never shown

Email

Required, but never shown

Email

Required, but never shown

Email

Required, but never shown

Name

Name

Email

Required, but never shown

Email

Required, but never shown

Email

Required, but never shown

Email

Required, but never shown

This page is only for reference, If you need detailed information, please check here