Merge pull request #14985 from alonbl

* pr/14985:
  Polish contribution
  Allow to disable SSL client authentication on the management port
pull/15325/head
Stephane Nicoll 6 years ago
commit c6a070b0f0

@ -303,7 +303,7 @@
}, },
{ {
"name": "management.server.ssl.client-auth", "name": "management.server.ssl.client-auth",
"description": "Whether client authentication is wanted (\"want\") or needed (\"need\"). Requires a trust store." "description": "Whether client authentication is not wanted (\"none\"), wanted (\"want\") or needed (\"need\"). Requires a trust store."
}, },
{ {
"name": "management.server.ssl.enabled", "name": "management.server.ssl.enabled",

@ -136,7 +136,7 @@
}, },
{ {
"name": "server.ssl.client-auth", "name": "server.ssl.client-auth",
"description": "Whether client authentication is wanted (\"want\") or needed (\"need\"). Requires a trust store." "description": "Whether client authentication is not wanted (\"none\"), wanted (\"want\") or needed (\"need\"). Requires a trust store."
}, },
{ {
"name": "server.ssl.enabled", "name": "server.ssl.enabled",

@ -233,7 +233,7 @@ content into your application. Rather, pick only the properties that you need.
server.servlet.session.timeout=30m # Session timeout. If a duration suffix is not specified, seconds will be used. server.servlet.session.timeout=30m # Session timeout. If a duration suffix is not specified, seconds will be used.
server.servlet.session.tracking-modes= # Session tracking modes. server.servlet.session.tracking-modes= # Session tracking modes.
server.ssl.ciphers= # Supported SSL ciphers. server.ssl.ciphers= # Supported SSL ciphers.
server.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store. server.ssl.client-auth= # Whether client authentication is not wanted ("none"), wanted ("want") or needed ("need"). Requires a trust store.
server.ssl.enabled=true # Whether to enable SSL support. server.ssl.enabled=true # Whether to enable SSL support.
server.ssl.enabled-protocols= # Enabled SSL protocols. server.ssl.enabled-protocols= # Enabled SSL protocols.
server.ssl.key-alias= # Alias that identifies the key in the key store. server.ssl.key-alias= # Alias that identifies the key in the key store.
@ -1205,7 +1205,7 @@ content into your application. Rather, pick only the properties that you need.
management.server.port= # Management endpoint HTTP port (uses the same port as the application by default). Configure a different port to use management-specific SSL. management.server.port= # Management endpoint HTTP port (uses the same port as the application by default). Configure a different port to use management-specific SSL.
management.server.servlet.context-path= # Management endpoint context-path (for instance, `/management`). Requires a custom management.server.port. management.server.servlet.context-path= # Management endpoint context-path (for instance, `/management`). Requires a custom management.server.port.
management.server.ssl.ciphers= # Supported SSL ciphers. management.server.ssl.ciphers= # Supported SSL ciphers.
management.server.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store. management.server.ssl.client-auth= # Whether client authentication is not wanted ("none"), wanted ("want") or needed ("need"). Requires a trust store.
management.server.ssl.enabled=true # Whether to enable SSL support. management.server.ssl.enabled=true # Whether to enable SSL support.
management.server.ssl.enabled-protocols= # Enabled SSL protocols. management.server.ssl.enabled-protocols= # Enabled SSL protocols.
management.server.ssl.key-alias= # Alias that identifies the key in the key store. management.server.ssl.key-alias= # Alias that identifies the key in the key store.

@ -69,8 +69,8 @@ public class Ssl {
} }
/** /**
* Return Whether client authentication is wanted ("want") or needed ("need"). * Return Whether client authentication is not wanted ("none"), wanted ("want") or
* Requires a trust store. * needed ("need"). Requires a trust store.
* @return the {@link ClientAuth} to use * @return the {@link ClientAuth} to use
*/ */
public ClientAuth getClientAuth() { public ClientAuth getClientAuth() {
@ -243,6 +243,11 @@ public class Ssl {
*/ */
public enum ClientAuth { public enum ClientAuth {
/**
* Client authentication is not wanted.
*/
NONE,
/** /**
* Client authentication is wanted but not mandatory. * Client authentication is wanted but not mandatory.
*/ */

Loading…
Cancel
Save