Check if managementServerProperties.getSecurity() is not null

before checking isEnabled(). It is explicitly constructed as null
in ManagementServerProperties to prevent class not found errors
at runtime when Security is not on the classpath.

Fixes gh-2003, fixes gh-2004
This commit is contained in:
Spencer Gibb 2014-11-25 15:29:01 -07:00 committed by Dave Syer
parent 3bb598a421
commit 2fb4d2ece6
1 changed files with 2 additions and 1 deletions

View File

@ -165,7 +165,8 @@ public class EndpointWebMvcAutoConfiguration implements ApplicationContextAware,
@ConditionalOnProperty(prefix = "endpoints.health", name = "enabled", matchIfMissing = true)
public HealthMvcEndpoint healthMvcEndpoint(HealthEndpoint delegate) {
HealthMvcEndpoint healthMvcEndpoint = new HealthMvcEndpoint(delegate);
boolean secure = this.managementServerProperties.getSecurity().isEnabled()
boolean secure = this.managementServerProperties.getSecurity() != null
&& this.managementServerProperties.getSecurity().isEnabled()
&& ClassUtils.isPresent(
"org.springframework.security.core.Authentication", null);
delegate.setSensitive(secure);