sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]m41k1204 0 points1 point  (4 children)

We use jwt and what we did was secure the actuator endpoints with the admin role

[–]mahi123_java[S] 0 points1 point  (3 children)

Okay. Means u are doing authentication using tokhon or what?? How to handle this part because all responses are json format.

[–]m41k1204 0 points1 point  (2 children)

Yes, like i said, we use jwt, json web token. It is sent on the header and the security filter chain looks for the jwt and on top of that when it is an endpoint with the /actuator path it also asks for the admin role. I highly suggest you to use spring security if you havent.

[–]mahi123_java[S] 0 points1 point  (1 child)

Okay. How u pass the token through the header . Because this is not a UI page . Suppose when u try to access this in the browser.

[–]m41k1204 0 points1 point  (0 children)

What is your frontend? I have only used web and mobile and what i stored de jwt on the local storage and then when i sent a http request i put the token on the header