Require ACTUATOR role rather than ADMIN

mbhave · mbhave · commit 1be5812cf0e5 · 2016-12-05T17:58:16.000-08:00
Update management security to require an `ACTUATOR` role rather than `ADMIN` by default. This should reduce the risk of users accidentally exposing actuator endpoints because they happen to use a role named `ADMIN`. Fixes spring-projectsgh-7569
diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/CrshAutoConfiguration.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/CrshAutoConfiguration.java
@@ -295,7 +295,7 @@ private static class AuthenticationManagerAdapter extends
 			CRaSHPlugin<AuthenticationPlugin> implements AuthenticationPlugin<String> {
 
 		private static final PropertyDescriptor<String> ROLES = PropertyDescriptor.create(
-				"auth.spring.roles", "ADMIN",
+				"auth.spring.roles", "ACTUATOR",
 				"Comma separated list of roles required to access the shell");
 
 		@Autowired
@@ -305,7 +305,7 @@ private static class AuthenticationManagerAdapter extends
 		@Qualifier("shellAccessDecisionManager")
 		private AccessDecisionManager accessDecisionManager;
 
-		private String[] roles = new String[] { "ADMIN" };
+		private String[] roles = new String[] { "ACTUATOR" };
 
 		@Override
 		public boolean authenticate(String username, String password) throws Exception {
diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/ManagementServerProperties.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/ManagementServerProperties.java
@@ -168,7 +168,7 @@ public static class Security {
 		/**
 		 * Comma-separated list of roles that can access the management endpoint.
 		 */
-		private List<String> roles = Arrays.asList("ADMIN");
+		private List<String> roles = Arrays.asList("ACTUATOR");
 
 		/**
 		 * Session creating policy for security use (always, never, if_required,
diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/ShellProperties.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/ShellProperties.java
@@ -524,7 +524,7 @@ public static class SpringAuthenticationProperties
 		/**
 		 * Comma-separated list of required roles to login to the CRaSH console.
 		 */
-		private String[] roles = new String[] { "ADMIN" };
+		private String[] roles = new String[] { "ACTUATOR" };
 
 		@Override
 		protected void applyToCrshShellConfig(Properties config) {
diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/mvc/HealthMvcEndpoint.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/mvc/HealthMvcEndpoint.java
@@ -194,7 +194,7 @@ private boolean isSecure(Principal principal) {
 			Authentication authentication = (Authentication) principal;
 			List<String> roles = Arrays.asList(StringUtils
 					.trimArrayElements(StringUtils.commaDelimitedListToStringArray(
-							this.roleResolver.getProperty("roles", "ROLE_ADMIN"))));
+							this.roleResolver.getProperty("roles", "ROLE_ACTUATOR"))));
 			for (GrantedAuthority authority : authentication.getAuthorities()) {
 				String name = authority.getAuthority();
 				for (String role : roles) {
diff --git a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/autoconfigure/CrshAutoConfigurationTests.java b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/autoconfigure/CrshAutoConfigurationTests.java
@@ -347,7 +347,7 @@ public Authentication authenticate(Authentication authentication)
 						authentication = new UsernamePasswordAuthenticationToken(
 								authentication.getPrincipal(),
 								authentication.getCredentials(), Collections
-										.singleton(new SimpleGrantedAuthority("ADMIN")));
+										.singleton(new SimpleGrantedAuthority("ACTUATOR")));
 					}
 					else {
 						throw new BadCredentialsException(
diff --git a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/autoconfigure/ManagementWebSecurityAutoConfigurationTests.java b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/autoconfigure/ManagementWebSecurityAutoConfigurationTests.java
@@ -120,7 +120,7 @@ public void testWebConfigurationWithExtraRole() throws Exception {
 		ArrayList<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(
 				user.getAuthorities());
 		assertThat(authorities).containsAll(AuthorityUtils
-				.commaSeparatedStringToAuthorityList("ROLE_USER,ROLE_ADMIN"));
+				.commaSeparatedStringToAuthorityList("ROLE_USER,ROLE_ACTUATOR"));
 	}
 
 	private UserDetails getUser() {
diff --git a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/mvc/MvcEndpointIntegrationTests.java b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/mvc/MvcEndpointIntegrationTests.java
@@ -68,7 +68,7 @@ public void close() {
 	@Test
 	public void defaultJsonResponseIsNotIndented() throws Exception {
 		TestSecurityContextHolder.getContext().setAuthentication(
-				new TestingAuthenticationToken("user", "N/A", "ROLE_ADMIN"));
+				new TestingAuthenticationToken("user", "N/A", "ROLE_ACTUATOR"));
 		this.context = new AnnotationConfigWebApplicationContext();
 		this.context.register(SecureConfiguration.class);
 		MockMvc mockMvc = createSecureMockMvc();
@@ -103,7 +103,7 @@ public void fileExtensionNotFound() throws Exception {
 	@Test
 	public void jsonExtensionProvided() throws Exception {
 		TestSecurityContextHolder.getContext().setAuthentication(
-				new TestingAuthenticationToken("user", "N/A", "ROLE_ADMIN"));
+				new TestingAuthenticationToken("user", "N/A", "ROLE_ACTUATOR"));
 		this.context = new AnnotationConfigWebApplicationContext();
 		this.context.register(SecureConfiguration.class);
 		MockMvc mockMvc = createSecureMockMvc();
@@ -151,7 +151,7 @@ public void sensitiveEndpointsAreSecureByDefaultWithCustomContextPath()
 	}
 
 	@Test
-	public void sensitiveEndpointsAreSecureWithNonAdminRoleWithCustomContextPath()
+	public void sensitiveEndpointsAreSecureWithNonActuatorRoleWithCustomContextPath()
 			throws Exception {
 		TestSecurityContextHolder.getContext().setAuthentication(
 				new TestingAuthenticationToken("user", "N/A", "ROLE_USER"));
@@ -164,10 +164,10 @@ public void sensitiveEndpointsAreSecureWithNonAdminRoleWithCustomContextPath()
 	}
 
 	@Test
-	public void sensitiveEndpointsAreSecureWithAdminRoleWithCustomContextPath()
+	public void sensitiveEndpointsAreSecureWithActuatorRoleWithCustomContextPath()
 			throws Exception {
 		TestSecurityContextHolder.getContext().setAuthentication(
-				new TestingAuthenticationToken("user", "N/A", "ROLE_ADMIN"));
+				new TestingAuthenticationToken("user", "N/A", "ROLE_ACTUATOR"));
 		this.context = new AnnotationConfigWebApplicationContext();
 		this.context.register(SecureConfiguration.class);
 		EnvironmentTestUtils.addEnvironment(this.context,
@@ -199,7 +199,7 @@ public void endpointSecurityCanBeDisabled() throws Exception {
 
 	private void assertIndentedJsonResponse(Class<?> configuration) throws Exception {
 		TestSecurityContextHolder.getContext().setAuthentication(
-				new TestingAuthenticationToken("user", "N/A", "ROLE_ADMIN"));
+				new TestingAuthenticationToken("user", "N/A", "ROLE_ACTUATOR"));
 		this.context = new AnnotationConfigWebApplicationContext();
 		this.context.register(configuration);
 		EnvironmentTestUtils.addEnvironment(this.context,
diff --git a/spring-boot-samples/spring-boot-sample-web-method-security/src/main/java/sample/security/method/SampleMethodSecurityApplication.java b/spring-boot-samples/spring-boot-sample-web-method-security/src/main/java/sample/security/method/SampleMethodSecurityApplication.java
@@ -73,7 +73,7 @@ protected static class AuthenticationSecurity
 		@Override
 		public void init(AuthenticationManagerBuilder auth) throws Exception {
 			auth.inMemoryAuthentication().withUser("admin").password("admin")
-					.roles("ADMIN", "USER").and().withUser("user").password("user")
+					.roles("ADMIN", "USER", "ACTUATOR").and().withUser("user").password("user")
 					.roles("USER");
 		}
 

Original file line number	Diff line number	Diff line change
`@@ -347,7 +347,7 @@ public Authentication authenticate(Authentication authentication)`
`347`	`347`	`authentication = new UsernamePasswordAuthenticationToken(`
`348`	`348`	`authentication.getPrincipal(),`
`349`	`349`	`authentication.getCredentials(), Collections`
`350`		`- .singleton(new SimpleGrantedAuthority("ADMIN")));`
	`350`	`+ .singleton(new SimpleGrantedAuthority("ACTUATOR")));`
`351`	`351`	`}`
`352`	`352`	`else {`
`353`	`353`	`throw new BadCredentialsException(`
Original file line number	Diff line number	Diff line change
`@@ -120,7 +120,7 @@ public void testWebConfigurationWithExtraRole() throws Exception {`
`120`	`120`	`ArrayList<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(`
`121`	`121`	`user.getAuthorities());`
`122`	`122`	`assertThat(authorities).containsAll(AuthorityUtils`
`123`		`- .commaSeparatedStringToAuthorityList("ROLE_USER,ROLE_ADMIN"));`
	`123`	`+ .commaSeparatedStringToAuthorityList("ROLE_USER,ROLE_ACTUATOR"));`
`124`	`124`	`}`
`125`	`125`
`126`	`126`	`private UserDetails getUser() {`
Original file line number	Diff line number	Diff line change
`@@ -73,7 +73,7 @@ protected static class AuthenticationSecurity`
`73`	`73`	`@Override`
`74`	`74`	`public void init(AuthenticationManagerBuilder auth) throws Exception {`
`75`	`75`	`auth.inMemoryAuthentication().withUser("admin").password("admin")`
`76`		`- .roles("ADMIN", "USER").and().withUser("user").password("user")`
	`76`	`+ .roles("ADMIN", "USER", "ACTUATOR").and().withUser("user").password("user")`
`77`	`77`	`.roles("USER");`
`78`	`78`	`}`
`79`	`79`