spring: + cloud: + config: + uri: https://user:secret@myconfig.mycompany.com+
diff --git a/spring-cloud.html b/spring-cloud.html index 02577bc..b1a9a52 100644 --- a/spring-cloud.html +++ b/spring-cloud.html @@ -425,6 +425,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
@EnableConfigServer annotation.
You are free to secure your Config Server in any way that makes sense +to you (from physical network security to OAuth2 bearer +tokens), and Spring Security and Spring Boot make it easy to do pretty +much anything.
+To use the default Spring Boot configured HTTP Basic security, just
+include Spring Security on the classpath (e.g. through
+spring-boot-starter-security). The default is a username of "user"
+and a randomly generated password, which isn’t going to be very useful
+in practice, so we recommend you configure the password (via
+security.user.password) and encrypt it (see below for instructions
+on how to do that).