问题描述

我试图从JHipster Angular App中找出如何使用JhiConfigurationService.在将服务注入我的Angular组件后，我已经设法通过该应用程序使用该服务访问env变量，但是仅当我以管理员"用户身份登录时，该方法才有效.切换到普通用户后，该服务将不会返回任何值.我发现Spring Boot有一个端点配置，但是在现有的application.yml配置中，没有任何东西可以改变默认行为(对特定的关键字进行消毒).

I'm trying to figure out how to use the JhiConfigurationService from JHipster Angular App. I've managed to access the env variables using this service from the App after injecting the service into my Angular component but it only works if I'm logged in as an "admin" user. As soon as I switch to the normal user, the service won't return any values. I've found that there is an endpoint configuration for Spring Boot but in the existing application.yml configs there is nothing which would change the default behavior (sanitizing specific keywords).

编辑:我认为可能有一种方法可以告诉spring在没有ADMIN角色的情况下应允许读取哪些ENV变量.类似于 docs

Edit: I thought that there might be a way of telling spring which ENV variables it should allow to read without ADMIN role. Similar to endpoints.env.keys-to-sanitize from docs

推荐答案

只需在SecurityConfiguration.java中编辑configure()方法，以使/management/env不需要ADMIN权限(顺序很重要)，但是请仅公开安全数据.

Just edit configure() method in SecurityConfiguration.java so that /management/env does not require ADMIN authority (order matters) but be careful to expose only safe data.

.antMatchers("/management/health").permitAll()
.antMatchers("/management/env").permitAll()
.antMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN)

这篇关于从JHipster App使用Spring Boot的ENV变量的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！