46.6 Security with HealthIndicators
Information returned by HealthIndicators
is often somewhat sensitive in nature. For example, you probably don’t want to publish details of your database server to the world. For this reason, by default, only the health status is exposed over an unauthenticated HTTP connection. If you are happy for complete health information to always be exposed you can set endpoints.health.sensitive
to false
.
Health responses are also cached to prevent “denial of service” attacks. Use the endpoints.health.time-to-live
property if you want to change the default cache period of 1000 milliseconds.
46.6.1 Auto-configured HealthIndicators
The following HealthIndicators
are auto-configured by Spring Boot when appropriate:
Name | Description |
---|---|
CassandraHealthIndicator |
Checks that a Cassandra database is up. |
DiskSpaceHealthIndicator |
Checks for low disk space. |
DataSourceHealthIndicator |
Checks that a connection to DataSource can be obtained. |
ElasticsearchHealthIndicator |
Checks that an Elasticsearch cluster is up. |
JmsHealthIndicator |
Checks that a JMS broker is up. |
MailHealthIndicator |
Checks that a mail server is up. |
MongoHealthIndicator |
Checks that a Mongo database is up. |
RabbitHealthIndicator |
Checks that a Rabbit server is up. |
RedisHealthIndicator |
Checks that a Redis server is up. |
SolrHealthIndicator |
Checks that a Solr server is up. |
Tip | |
---|---|
It is possible to disable them all using the management.health.defaults.enabled property. |
46.6.2 Writing custom HealthIndicators
To provide custom health information you can register Spring beans that implement the HealthIndicator
interface. You need to provide an implementation of the health()
method and return a Health
response. The Health
response should include a status and can optionally include additional details to be displayed.
import org.springframework.boot.actuate.health.Health; import org.springframework.boot.actuate.health.HealthIndicator; import org.springframework.stereotype.Component; _@Component_ public class MyHealthIndicator implements HealthIndicator { _@Override_ public Health health() { int errorCode = check(); // perform some specific health check if (errorCode != 0) { return Health.down().withDetail("Error Code", errorCode).build(); } return Health.up().build(); } }
Note | |
---|---|
The identifier for a given HealthIndicator is the name of the bean without the HealthIndicator suffix if it exists. In the example above, the health information will be available in an entry named my . |
In addition to Spring Boot’s predefined Status
types, it is also possible for Health
to return a custom Status
that represents a new system state. In such cases a custom implementation of the HealthAggregator
interface also needs to be provided, or the default implementation has to be configured using the management.health.status.order
configuration property.
For example, assuming a new Status
with code FATAL
is being used in one of your HealthIndicator
implementations. To configure the severity order add the following to your application properties:
management.health.status.order=DOWN, OUT_OF_SERVICE, UNKNOWN, UP
You might also want to register custom status mappings with the HealthMvcEndpoint
if you access the health endpoint over HTTP. For example you could map FATAL
to HttpStatus.SERVICE_UNAVAILABLE
.