Require `ACTUATOR` role rather than `ADMIN`

Update management security to require an `ACTUATOR` role rather than
`ADMIN` by default. This should reduce the risk of users accidentally
exposing actuator endpoints because they happen to use a role named
`ADMIN`.

Fixes gh-7569
pull/7630/head
Madhura Bhave 8 years ago
parent 95be208f0f
commit 1be5812cf0

@ -295,7 +295,7 @@ public class CrshAutoConfiguration {
CRaSHPlugin<AuthenticationPlugin> implements AuthenticationPlugin<String> {
private static final PropertyDescriptor<String> ROLES = PropertyDescriptor.create(
"auth.spring.roles", "ADMIN",
"auth.spring.roles", "ACTUATOR",
"Comma separated list of roles required to access the shell");
@Autowired
@ -305,7 +305,7 @@ public class CrshAutoConfiguration {
@Qualifier("shellAccessDecisionManager")
private AccessDecisionManager accessDecisionManager;
private String[] roles = new String[] { "ADMIN" };
private String[] roles = new String[] { "ACTUATOR" };
@Override
public boolean authenticate(String username, String password) throws Exception {

@ -168,7 +168,7 @@ public class ManagementServerProperties implements SecurityPrerequisite {
/**
* Comma-separated list of roles that can access the management endpoint.
*/
private List<String> roles = Arrays.asList("ADMIN");
private List<String> roles = Arrays.asList("ACTUATOR");
/**
* Session creating policy for security use (always, never, if_required,

@ -524,7 +524,7 @@ public class ShellProperties {
/**
* Comma-separated list of required roles to login to the CRaSH console.
*/
private String[] roles = new String[] { "ADMIN" };
private String[] roles = new String[] { "ACTUATOR" };
@Override
protected void applyToCrshShellConfig(Properties config) {

@ -194,7 +194,7 @@ public class HealthMvcEndpoint extends AbstractEndpointMvcAdapter<HealthEndpoint
Authentication authentication = (Authentication) principal;
List<String> roles = Arrays.asList(StringUtils
.trimArrayElements(StringUtils.commaDelimitedListToStringArray(
this.roleResolver.getProperty("roles", "ROLE_ADMIN"))));
this.roleResolver.getProperty("roles", "ROLE_ACTUATOR"))));
for (GrantedAuthority authority : authentication.getAuthorities()) {
String name = authority.getAuthority();
for (String role : roles) {

@ -347,7 +347,7 @@ public class CrshAutoConfigurationTests {
authentication = new UsernamePasswordAuthenticationToken(
authentication.getPrincipal(),
authentication.getCredentials(), Collections
.singleton(new SimpleGrantedAuthority("ADMIN")));
.singleton(new SimpleGrantedAuthority("ACTUATOR")));
}
else {
throw new BadCredentialsException(

@ -120,7 +120,7 @@ public class ManagementWebSecurityAutoConfigurationTests {
ArrayList<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(
user.getAuthorities());
assertThat(authorities).containsAll(AuthorityUtils
.commaSeparatedStringToAuthorityList("ROLE_USER,ROLE_ADMIN"));
.commaSeparatedStringToAuthorityList("ROLE_USER,ROLE_ACTUATOR"));
}
private UserDetails getUser() {

@ -68,7 +68,7 @@ public class MvcEndpointIntegrationTests {
@Test
public void defaultJsonResponseIsNotIndented() throws Exception {
TestSecurityContextHolder.getContext().setAuthentication(
new TestingAuthenticationToken("user", "N/A", "ROLE_ADMIN"));
new TestingAuthenticationToken("user", "N/A", "ROLE_ACTUATOR"));
this.context = new AnnotationConfigWebApplicationContext();
this.context.register(SecureConfiguration.class);
MockMvc mockMvc = createSecureMockMvc();
@ -103,7 +103,7 @@ public class MvcEndpointIntegrationTests {
@Test
public void jsonExtensionProvided() throws Exception {
TestSecurityContextHolder.getContext().setAuthentication(
new TestingAuthenticationToken("user", "N/A", "ROLE_ADMIN"));
new TestingAuthenticationToken("user", "N/A", "ROLE_ACTUATOR"));
this.context = new AnnotationConfigWebApplicationContext();
this.context.register(SecureConfiguration.class);
MockMvc mockMvc = createSecureMockMvc();
@ -151,7 +151,7 @@ public class MvcEndpointIntegrationTests {
}
@Test
public void sensitiveEndpointsAreSecureWithNonAdminRoleWithCustomContextPath()
public void sensitiveEndpointsAreSecureWithNonActuatorRoleWithCustomContextPath()
throws Exception {
TestSecurityContextHolder.getContext().setAuthentication(
new TestingAuthenticationToken("user", "N/A", "ROLE_USER"));
@ -164,10 +164,10 @@ public class MvcEndpointIntegrationTests {
}
@Test
public void sensitiveEndpointsAreSecureWithAdminRoleWithCustomContextPath()
public void sensitiveEndpointsAreSecureWithActuatorRoleWithCustomContextPath()
throws Exception {
TestSecurityContextHolder.getContext().setAuthentication(
new TestingAuthenticationToken("user", "N/A", "ROLE_ADMIN"));
new TestingAuthenticationToken("user", "N/A", "ROLE_ACTUATOR"));
this.context = new AnnotationConfigWebApplicationContext();
this.context.register(SecureConfiguration.class);
EnvironmentTestUtils.addEnvironment(this.context,
@ -199,7 +199,7 @@ public class MvcEndpointIntegrationTests {
private void assertIndentedJsonResponse(Class<?> configuration) throws Exception {
TestSecurityContextHolder.getContext().setAuthentication(
new TestingAuthenticationToken("user", "N/A", "ROLE_ADMIN"));
new TestingAuthenticationToken("user", "N/A", "ROLE_ACTUATOR"));
this.context = new AnnotationConfigWebApplicationContext();
this.context.register(configuration);
EnvironmentTestUtils.addEnvironment(this.context,

@ -73,7 +73,7 @@ public class SampleMethodSecurityApplication extends WebMvcConfigurerAdapter {
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("admin").password("admin")
.roles("ADMIN", "USER").and().withUser("user").password("user")
.roles("ADMIN", "USER", "ACTUATOR").and().withUser("user").password("user")
.roles("USER");
}

Loading…
Cancel
Save