From 43a3fbf449098ffc2a881405f1a76e11a8d5386b Mon Sep 17 00:00:00 2001 From: Moritz Halbritter Date: Fri, 27 Oct 2023 14:16:48 +0200 Subject: [PATCH] Move "Sanitize Sensitive Values" in docs Closes gh-35917 --- .../src/docs/asciidoc/endpoints/env.adoc | 3 +- .../src/docs/asciidoc/actuator/endpoints.adoc | 33 ++++++++++++++++++ .../docs/asciidoc/anchor-rewrite.properties | 4 +++ .../src/docs/asciidoc/howto/actuator.adoc | 34 ++----------------- 4 files changed, 41 insertions(+), 33 deletions(-) diff --git a/spring-boot-project/spring-boot-actuator-autoconfigure/src/docs/asciidoc/endpoints/env.adoc b/spring-boot-project/spring-boot-actuator-autoconfigure/src/docs/asciidoc/endpoints/env.adoc index ac5f2a7568e..4e75bfec4f2 100644 --- a/spring-boot-project/spring-boot-actuator-autoconfigure/src/docs/asciidoc/endpoints/env.adoc +++ b/spring-boot-project/spring-boot-actuator-autoconfigure/src/docs/asciidoc/endpoints/env.adoc @@ -14,6 +14,7 @@ The resulting response is similar to the following: include::{snippets}/env/all/http-response.adoc[] +NOTE: Sanitization of sensitive values has been switched off for this example. [[env.entire.response-structure]] @@ -37,7 +38,7 @@ The resulting response is similar to the following: include::{snippets}/env/single/http-response.adoc[] - +NOTE: Sanitization of sensitive values has been switched off for this example. [[env.single-property.response-structure]] === Response Structure diff --git a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/actuator/endpoints.adoc b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/actuator/endpoints.adoc index ba79353f656..d28e29b5c89 100644 --- a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/actuator/endpoints.adoc +++ b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/actuator/endpoints.adoc @@ -33,9 +33,11 @@ The following technology-agnostic endpoints are available: | `configprops` | Displays a collated list of all `@ConfigurationProperties`. +Subject to <>. | `env` | Exposes properties from Spring's `ConfigurableEnvironment`. +Subject to <>. | `flyway` | Shows any Flyway database migrations that have been applied. @@ -70,6 +72,7 @@ The following technology-agnostic endpoints are available: |`quartz` |Shows information about Quartz Scheduler jobs. +Subject to <>. | `scheduledtasks` | Displays the scheduled tasks in your application. @@ -277,6 +280,36 @@ NOTE: The `management.endpoint.` prefix uniquely identifies the endpoint t +[[actuator.endpoints.sanitization]] +=== Sanitize Sensitive Values +Information returned by the `/env`, `/configprops` and `/quartz` endpoints can be somewhat sensitive. +All values are sanitized by default (that is replaced by `+******+`). +Viewing original values in the unsanitized form can be configured per endpoint using the `showValues` property for that endpoint. +This property can be configured to have the following values: + +- `ALWAYS` - all values are shown in their unsanitized form to all users +- `NEVER` - all values are always sanitized (that is replaced by `+******+`) +- `WHEN_AUTHORIZED` - all values are shown in their unsanitized form to authorized users + +For HTTP endpoints, a user is considered to be authorized if they have authenticated and have the roles configured by the endpoint's roles property. +By default, any authenticated user is authorized. +For JMX endpoints, all users are always authorized. + +[source,yaml,indent=0,subs="verbatim",configprops,configblocks] +---- + management: + endpoint: + env: + show-values: WHEN_AUTHORIZED + roles: "admin" +---- + +The configuration above enables the ability for all users with the `admin` role to view all values in their original form from the `/env` endpoint. + +NOTE: When `show-values` is set to `ALWAYS` or `WHEN_AUTHORIZED` any sanitization applied by a `<>` will still be applied. + + + [[actuator.endpoints.hypermedia]] === Hypermedia for Actuator Web Endpoints A "`discovery page`" is added with links to all the endpoints. diff --git a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/anchor-rewrite.properties b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/anchor-rewrite.properties index 44916e5ae4a..28d04c3b8f5 100644 --- a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/anchor-rewrite.properties +++ b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/anchor-rewrite.properties @@ -1013,3 +1013,7 @@ data.nosql.elasticsearch.connecting-using-rest.webclient=data.nosql.elasticsearc getting-started.first-application.code.enable-auto-configuration=getting-started.first-application.code.spring-boot-application actuator.tracing=actuator.http-exchanges actuator.tracing.custom=actuator.http-exchanges.custom + +# gh-35917 +howto.actuator.sanitize-sensitive-values=actuator.endpoints.sanitization +howto.actuator.sanitize-sensitive-values.customizing-sanitization=howto.actuator.customizing-sanitization diff --git a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/howto/actuator.adoc b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/howto/actuator.adoc index 28a8638948f..7c0c993eb79 100644 --- a/spring-boot-project/spring-boot-docs/src/docs/asciidoc/howto/actuator.adoc +++ b/spring-boot-project/spring-boot-docs/src/docs/asciidoc/howto/actuator.adoc @@ -34,38 +34,8 @@ See also the section on "`<>` will still be applied. - - - -[[howto.actuator.sanitize-sensitive-values.customizing-sanitization]] -==== Customizing Sanitization +[[howto.actuator.customizing-sanitization]] +=== Customizing Sanitization To take control over the sanitization, define a `SanitizingFunction` bean. The `SanitizableData` with which the function is called provides access to the key and value as well as the `PropertySource` from which they came. This allows you to, for example, sanitize every value that comes from a particular property source.