|
|
@ -2403,6 +2403,22 @@ how to register handlers in the servlet container.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[[howto-sanitize-sensible-values]]
|
|
|
|
|
|
|
|
=== Sanitize sensible values
|
|
|
|
|
|
|
|
Information returned by the `env` and `configprops` endpoints can be somewhat sensitive
|
|
|
|
|
|
|
|
so keys matching a certain pattern are sanitized by default (i.e. their values are
|
|
|
|
|
|
|
|
replaced by `******`).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Spring Boot uses sensible defaults for such keys: for instance, any key ending with the
|
|
|
|
|
|
|
|
word "password", "secret", "key" or "token" is sanitized. It is also possible to use a
|
|
|
|
|
|
|
|
regular expression instead, such as `*credentials.*` to sanitize any key that holds the
|
|
|
|
|
|
|
|
word `credentials` as part of the key.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The patterns to use can be customized using the `endpoints.env.keys-to-sanitize` and
|
|
|
|
|
|
|
|
`endpoints.configprops.keys-to-sanitize` respectively.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[[howto-use-actuator-with-jersey]]
|
|
|
|
[[howto-use-actuator-with-jersey]]
|
|
|
|
=== Actuator and Jersey
|
|
|
|
=== Actuator and Jersey
|
|
|
|
Actuator HTTP endpoints are only available for Spring MVC-based applications. If you want
|
|
|
|
Actuator HTTP endpoints are only available for Spring MVC-based applications. If you want
|
|
|
|