Closed mayrstefan closed 1 year ago
I don't believe this comes from the buildpack. The /cloudfoundryapplication
path is added by Spring Boot Actuators.
You can disable adding that by setting management.cloudfoundry.enabled=false
. See reference docs.
The warning itself comes from Spring Security. See this comment which explains the change in recommendation.
If your application is setting these values, you should make the adjustment to use permitAll
instead of ignoring that path. If you're not setting that anywhere in the app, perhaps you're not on a new enough Spring Boot to have caught up with that recommendation. Just a guess though. If you can't track it down, asking in a Spring Boot issue/chat/SO post would probably be the way to go.
Hope that helps!
This is now tracked in https://github.com/spring-projects/spring-boot/issues/32622
OK, I'm going to close this. If you need anything else from the buildpacks team, just let us know. Thanks
Today a developer pointed me to these application messages
This is happening for a Spring Boot Application running the latest Java Builldpack. Those URLs are accessed by the VMware Tanzu Apps Manager. Which is okay so far. But this pattern doesn't exist in our code. We think this comes from same magic buildpack voodoo. So where is this coming from and why is it injected in a way that is not recommended?