Already done that.. Thanks for the idea.. On my webservice project I am
doing this:
http
.authorizeRequests()
.antMatchers("/services/**").hasRole("USER").and().httpBasic().and().
csrf().disable();
http
.authorizeRequests()
.antMatchers("/actuator/**").hasRole("ACTUATOR").and().httpBasic().and().
csrf().disable();
And its working fine, I am wondering if its because my mountpoints for
wicket all are mapped to root like /home /login .. Which could conflict
with /actuator?
On Thu, Jan 24, 2019 at 3:01 PM Andrea Del Bene <an.delb...@gmail.com>
wrote:
> I had a problem with Spring Boot 2 and actuator as many of them are
> disabled by default in the new version. I don't know if this is the case
> for you, but I would try enabling all of them via config file. For example
> with yml is something like:
>
> management:
> endpoints:
> web:
> exposure:
> include: "*"
>
> On Thu, Jan 24, 2019 at 2:55 PM nino martinez wael <
> nino.martinez.w...@gmail.com> wrote:
>
> > Hope its okay to use the wicket user mailing list for this:)
> >
> > First of all thanks to MarcGiffing for making the project. But I cannot
> get
> > actuator endpoints to work with spring security and wicket spring boot..
> > I've tried a lot of things..
> >
> > IN my WebSecurityConfigurerAdapter:
> >
> > http
> >
> >
> >
> .authorizeRequests().antMatchers("/actuator/**","/actuator").hasRole("ACTUATOR").and().httpBasic();
> >
> > http
> > .csrf().disable()
> > .authorizeRequests().anyRequest().permitAll()
> > .and()
> > .logout()
> > .permitAll();
> > http.headers().frameOptions().disable();
> >
> > But that just disables actuator and messes with the Wicket side of the
> > security.. Any one have some clues=
> >
> > --
> > Best regards / Med venlig hilsen
> > Nino Martinez
> >
>
>
> --
> Andrea Del Bene.
> Apache Wicket committer.
>
--
Best regards / Med venlig hilsen
Nino Martinez
