springspring-bootadminnetflix-eurekafeign

Feign client to Spring Boot Admin via Eureka?


I need to invoke the Spring Boot Admin /actuator/health endpoint through Eureka.
I created a basic Feign client to access the endpoint, but I don't know how to login to Spring Boot Admin and pass in the authentication context to the /actuator/health call.

I suppose there's some necessary configuration on the Spring Boot Admin server side I don't know about.

Here's my client:

@FeignClient(name = "kyc-admin")
@RequestMapping("/actuator")
public interface SpringBootAdminClient {

    @RequestMapping(method = RequestMethod.GET, value = "/health")
    String getHealth();
}

I don't really know much about Spring Security configuration.

Has anyone ever done that?


Solution

  • It's just standard Basic auth which is one of two ways:

    1. encode the username & password in the URL which isn't really recommended since the creds are not even remotely "hidden".
    2. pass it in the Authorization header where its base64 encoded, which also isn't all that secure since anybody can decode that.

    In both cases, if your client application isn't securely storing the credentials and your Spring Boot Admin app isn't using SSL, then any security is pretty much worthless because anyone can grab the credentials in either method.

    You can harden your Spring Boot Admin app with better security, but basic auth is what's out of the box.

    As a side note, unless this is for a personal project or a company with no budget, I wouldn't even bother with Spring Boot Admin and would recommend using a real APM (i.e. Datadog or similar) then you don't even need to mess around with actuator or Admin since Datadog auto instruments your app and everything related to it like databases, etc.