Spring Boot’s actuator module includes additional support that is activated when you
deploy to a compatible Cloud Foundry instance. The /cloudfoundryapplication path
provides an alternative secured route to all NamedMvcEndpoint beans.
The extended support allows Cloud Foundry management UIs (such as the web application that you can use to view deployed applications) to be augmented with Spring Boot actuator information. For example, an application status page may include full health information instead of the typical “running” or “stopped” status.
![[Note]](images/note.png) | Note |
|---|---|
The |
If you want to fully disable the /cloudfoundryapplication endpoints you can add the
following to your application.properties file:
application.properties.
management.cloudfoundry.enabled=false
By default, the security verification for /cloudfoundryapplication endpoints makes SSL
calls to various Cloud Foundry services. If your Cloud Foundry UAA or Cloud Controller
services use self-signed certificates you will need to set the following property:
application.properties.
management.cloudfoundry.skip-ssl-validation=true
If you define custom security configuration, and you want extended Cloud Foundry actuator
support, you’ll should ensure that /cloudfoundryapplication/** paths are open. Without
a direct open route, your Cloud Foundry application manager will not be able to obtain
endpoint data.
For Spring Security, you’ll typically include something like
mvcMatchers("/cloudfoundryapplication/**").permitAll() in your configuration:
@Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .mvcMatchers("/cloudfoundryapplication/**") .permitAll() .mvcMatchers("/mypath") .hasAnyRole("SUPERUSER") .anyRequest() .authenticated().and() .httpBasic(); }