use of org.springframework.boot.actuate.endpoint.mvc.MvcEndpointSecurityInterceptor in project spring-boot by spring-projects.
the class EndpointWebMvcManagementContextConfigurationTests method endpointHandlerMapping.
@Test
public void endpointHandlerMapping() throws Exception {
EnvironmentTestUtils.addEnvironment(this.context, "management.security.enabled=false", "management.security.roles=my-role,your-role");
this.context.refresh();
EndpointHandlerMapping mapping = this.context.getBean("endpointHandlerMapping", EndpointHandlerMapping.class);
assertThat(mapping.getPrefix()).isEmpty();
MvcEndpointSecurityInterceptor securityInterceptor = (MvcEndpointSecurityInterceptor) ReflectionTestUtils.getField(mapping, "securityInterceptor");
Object secure = ReflectionTestUtils.getField(securityInterceptor, "secure");
List<String> roles = getRoles(securityInterceptor);
assertThat(secure).isEqualTo(false);
assertThat(roles).containsExactly("my-role", "your-role");
}
use of org.springframework.boot.actuate.endpoint.mvc.MvcEndpointSecurityInterceptor in project spring-boot by spring-projects.
the class EndpointWebMvcManagementContextConfiguration method endpointHandlerMapping.
@Bean
@ConditionalOnMissingBean
public EndpointHandlerMapping endpointHandlerMapping() {
Set<MvcEndpoint> endpoints = mvcEndpoints().getEndpoints();
CorsConfiguration corsConfiguration = getCorsConfiguration(this.corsProperties);
EndpointHandlerMapping mapping = new EndpointHandlerMapping(endpoints, corsConfiguration);
mapping.setPrefix(this.managementServerProperties.getContextPath());
MvcEndpointSecurityInterceptor securityInterceptor = new MvcEndpointSecurityInterceptor(this.managementServerProperties.getSecurity().isEnabled(), this.managementServerProperties.getSecurity().getRoles());
mapping.setSecurityInterceptor(securityInterceptor);
for (EndpointHandlerMappingCustomizer customizer : this.mappingCustomizers) {
customizer.customize(mapping);
}
return mapping;
}
Aggregations