From 3546ae399eb91fc6db50d097da9d9de5f833d478 Mon Sep 17 00:00:00 2001 From: Alex Antonov Date: Fri, 27 May 2016 10:52:23 -0500 Subject: [PATCH] Allow management server SSL to be configured independently Closes gh-6057 --- ...dpointWebMvcChildContextConfiguration.java | 3 +++ .../ManagementServerProperties.java | 13 ++++++++++ .../EndpointWebMvcAutoConfigurationTests.java | 26 +++++++++++++++++++ 3 files changed, 42 insertions(+) diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/EndpointWebMvcChildContextConfiguration.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/EndpointWebMvcChildContextConfiguration.java index d765209410c..a61a32dceb4 100644 --- a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/EndpointWebMvcChildContextConfiguration.java +++ b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/EndpointWebMvcChildContextConfiguration.java @@ -188,6 +188,9 @@ public class EndpointWebMvcChildContextConfiguration { container.setContextPath(""); // and add the management-specific bits container.setPort(this.managementServerProperties.getPort()); + if (this.managementServerProperties.getSsl() != null) { + container.setSsl(this.managementServerProperties.getSsl()); + } container.setServerHeader(this.server.getServerHeader()); container.setAddress(this.managementServerProperties.getAddress()); container.addErrorPages(new ErrorPage(this.server.getError().getPath())); diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/ManagementServerProperties.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/ManagementServerProperties.java index 7821ea8afd8..0c7447bc71b 100644 --- a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/ManagementServerProperties.java +++ b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/ManagementServerProperties.java @@ -25,7 +25,9 @@ import javax.validation.constraints.NotNull; import org.springframework.boot.autoconfigure.security.SecurityPrerequisite; import org.springframework.boot.autoconfigure.security.SecurityProperties; import org.springframework.boot.autoconfigure.web.ServerProperties; +import org.springframework.boot.context.embedded.Ssl; import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.boot.context.properties.NestedConfigurationProperty; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.util.ClassUtils; import org.springframework.util.StringUtils; @@ -68,6 +70,9 @@ public class ManagementServerProperties implements SecurityPrerequisite { */ private Integer port; + @NestedConfigurationProperty + private Ssl ssl; + /** * Network address that the management endpoints should bind to. */ @@ -112,6 +117,14 @@ public class ManagementServerProperties implements SecurityPrerequisite { this.port = port; } + public Ssl getSsl() { + return this.ssl; + } + + public void setSsl(Ssl ssl) { + this.ssl = ssl; + } + public InetAddress getAddress() { return this.address; } diff --git a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/autoconfigure/EndpointWebMvcAutoConfigurationTests.java b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/autoconfigure/EndpointWebMvcAutoConfigurationTests.java index 34982b826f8..19984d9200c 100644 --- a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/autoconfigure/EndpointWebMvcAutoConfigurationTests.java +++ b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/autoconfigure/EndpointWebMvcAutoConfigurationTests.java @@ -175,6 +175,32 @@ public class EndpointWebMvcAutoConfigurationTests { assertThat(interceptors).hasSize(1); } + @Test + public void onDifferentPortManagementSslDisabled() throws Exception { + EnvironmentTestUtils.addEnvironment(this.applicationContext, + "management.ssl.enabled:false"); + this.applicationContext.register(RootConfig.class, EndpointConfig.class, + DifferentPortConfig.class, BaseConfiguration.class, + EndpointWebMvcAutoConfiguration.class, ErrorMvcAutoConfiguration.class); + this.applicationContext.refresh(); + assertContent("/controller", ports.get().server, "controlleroutput"); + assertContent("/endpoint", ports.get().server, null); + assertContent("/controller", ports.get().management, null); + assertContent("/endpoint", ports.get().management, "endpointoutput"); + assertContent("/error", ports.get().management, startsWith("{")); + ApplicationContext managementContext = this.applicationContext + .getBean(ManagementContextResolver.class).getApplicationContext(); + List interceptors = (List) ReflectionTestUtils.getField( + managementContext.getBean(EndpointHandlerMapping.class), "interceptors"); + assertThat(interceptors).hasSize(1); + ManagementServerProperties managementServerProperties = this.applicationContext + .getBean(ManagementServerProperties.class); + assertThat(managementServerProperties.getSsl()).isNotNull(); + assertThat(managementServerProperties.getSsl().isEnabled()).isFalse(); + this.applicationContext.close(); + assertAllClosed(); + } + @Test public void onDifferentPortWithSpecificContainer() throws Exception { this.applicationContext.register(SpecificContainerConfig.class, RootConfig.class,