Spring Boot’s actuator module includes additional support that is activated when you
deploy to a compatible Cloud Foundry instance. The /cloudfoundryapplication path
provides an alternative secured route to all @Endpoint beans.
The extended support lets Cloud Foundry management UIs (such as the web application that you can use to view deployed applications) be augmented with Spring Boot actuator information. For example, an application status page may include full health information instead of the typical “running” or “stopped” status.
![[Note]](images/note.png) | Note |
|---|---|
The |
If you want to fully disable the /cloudfoundryapplication endpoints, you can add the
following setting to your application.properties file:
application.properties.
management.cloudfoundry.enabled=false
By default, the security verification for /cloudfoundryapplication endpoints makes SSL
calls to various Cloud Foundry services. If your Cloud Foundry UAA or Cloud Controller
services use self-signed certificates, you need to set the following property:
application.properties.
management.cloudfoundry.skip-ssl-validation=true
If you define custom security configuration and you want extended Cloud Foundry actuator
support, you should ensure that /cloudfoundryapplication/** paths are open. Without a
direct open route, your Cloud Foundry application manager is not able to obtain endpoint
data.
For Spring Security, you typically include something like
mvcMatchers("/cloudfoundryapplication/**").permitAll() in your configuration, as shown
in the following example:
@Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .mvcMatchers("/cloudfoundryapplication/**") .permitAll() .mvcMatchers("/mypath") .hasAnyRole("SUPERUSER") .anyRequest() .authenticated().and() .httpBasic(); }