Is your feature request related to a problem? Please describe.
My application is exposed on the server-port publicly, however, the management-port is not exposed publicly (actuator).
I want to be able to access the swagger ui in my vpn by having it on my management port. Users of my application on the other hand should not be able to access it.
Describe the solution you'd like
Add a property
springdoc.use-management-port: (default false)
If it is set to true then expose the swagger ui using the management port.
Hi @flamestro,
Starting from the next release 1.5.1, it will be possible to expose the swagger-ui and the openapi endpoints on actuator port, when this one is different from the application port.
Let's assume for example you have:
management.server.port=9090
To expose the swagger-ui, on the management port, you set
springdoc.use-management-port=true
# This property enables the openapi and swaggerui endpoints to be exposed beneath the actuator base path.
management.endpoints.web.exposure.include=openapi, swaggerui
Once enabled, you should also be able to see the springdoc-openapi endpoints under: (host and port depends on your settings)
Two endpoints will be available:
http://localhost:9090/actuator/openapi
An Endpoint, that routes to the swagger-ui
Note, that if you want to reach the application endpoints, from the swagger-ui deployed beneath the actuator base path, under a different port from your application, CORS for your endpoints on your application level should be enabled.
Additionally, it will be also possible to combine this property, with the existing property to display the actuator endpoints in the swagger-ui.
springdoc.show-actuator=true
Once enabled:
The swagger-ui will be then accessible through the actuator port:
Now, if the management port is different from the application port and 'springdoc.use-management-port' is not defined but 'springdoc.show-actuator' is set to true:
Once enabled:
Note, that if you want to reach the actuator endpoints for this case (different port from your application), CORS for your actuator endpoints should be enabled.
You can use actuator properties for that. For example:
management.endpoints.web.cors.allowed-methods=GET
management.endpoints.web.cors.allowed-origins=http://localhost:8080
Finally, the naming of these new endpoints beneath the actuator base path cannot be customized for now: This is a limitation of the actual actuator EndpointId implementation which doesn't accept property placeholders.
All the changes are now available on master. So please, don't hesitate to test using the latest snapshot.
@bnasslahsen
Thanks for the introduction of this feature and the kind explanation on how to use it!
I will use and test it this week.
Best regards
Hey @bnasslahsen,
I tested the feature now and thanks again for adding it!
Just found one issue that I will investigate further and report here (if it is a real issue)
Other than that it is nicely working! Thanks
Most helpful comment
Hi @flamestro,
Starting from the next release
1.5.1, it will be possible to expose the swagger-ui and the openapi endpoints on actuator port, when this one is different from the application port.Let's assume for example you have:
To expose the swagger-ui, on the management port, you set
Once enabled, you should also be able to see the springdoc-openapi endpoints under: (host and port depends on your settings)
Two endpoints will be available:
http://localhost:9090/actuator/openapi
An Endpoint, that routes to the swagger-ui
Note, that if you want to reach the application endpoints, from the swagger-ui deployed beneath the actuator base path, under a different port from your application,
CORS for your endpointson your application level should be enabled.Additionally, it will be also possible to combine this property, with the existing property to display the actuator endpoints in the swagger-ui.
Once enabled:
The swagger-ui will be then accessible through the actuator port:
Now, if the management port is different from the application port and 'springdoc.use-management-port' is not defined but 'springdoc.show-actuator' is set to true:
Once enabled:
Note, that if you want to reach the actuator endpoints for this case (different port from your application),
CORSfor your actuator endpoints should be enabled.You can use actuator properties for that. For example:
Finally, the naming of these new endpoints beneath the actuator base path cannot be customized for now: This is a limitation of the actual actuator EndpointId implementation which doesn't accept property placeholders.
All the changes are now available on master. So please, don't hesitate to test using the latest snapshot.