Polish actuator security changes

Closes gh-7569

Polish actuator security changes
Closes gh-7569
435ca3db · Stephane Nicoll · 05ebed77 · 435ca3db · 435ca3db
Commit 435ca3db authored Dec 27, 2016 by Stephane Nicoll
Showing with 3 additions and 3 deletions

appendix-application-properties.adoc ...cs/src/main/asciidoc/appendix-application-properties.adoc +2 -2

spring-boot-features.adoc spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc +1 -1

No files found.
--- a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
+++ b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
@@ -1057,7 +1057,7 @@ content into your application; rather pick only the properties that you need.
 	management.context-path= # Management endpoint context-path. For instance `/actuator`
 	management.port= # Management endpoint HTTP port. Uses the same port as the application by default. Configure a different port to use management-specific SSL.
 	management.security.enabled=true # Enable security.
-	management.security.roles=ADMIN # Comma-separated list of roles that can access the management endpoint.
+	management.security.roles=ACTUATOR # Comma-separated list of roles that can access the management endpoint.
 	management.security.sessions=stateless # Session creating policy to use (always, never, if_required, stateless).
 	management.ssl.ciphers= # Supported SSL ciphers. Requires a custom management.port.
 	management.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store. Requires a custom management.port.
@@ -1107,7 +1107,7 @@ content into your application; rather pick only the properties that you need.
 	management.shell.auth.key.path= # Path to the authentication key. This should point to a valid ".pem" file.
 	management.shell.auth.simple.user.name=user # Login user.
 	management.shell.auth.simple.user.password= # Login password.
-	management.shell.auth.spring.roles=ADMIN # Comma-separated list of required roles to login to the CRaSH console.
+	management.shell.auth.spring.roles=ACTUATOR # Comma-separated list of required roles to login to the CRaSH console.
 	management.shell.command-path-patterns=classpath*:/commands/**,classpath*:/crash/commands/** # Patterns to use to look for commands.
 	management.shell.command-refresh-interval=-1 # Scan for changes and update the command if necessary (in seconds).
 	management.shell.config-path-patterns=classpath*:/crash/* # Patterns to use to look for configurations.

--- a/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc
+++ b/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc
@@ -2684,7 +2684,7 @@ If the Actuator is also in use, you will find:

 * The management endpoints are secure even if the application endpoints are insecure.
 * Security events are transformed into `AuditEvents` and published to the `AuditService`.
-* The default user will have the `ADMIN` role as well as the `USER` role.
+* The default user will have the `ACTUATOR` role as well as the `USER` role.

 The Actuator security features can be modified using external properties
 (`+management.security.*+`). To override the application access rules