Actuator

Change the HTTP port or address of the actuator endpoints

In a standalone application the Actuator HTTP port defaults to the same as the main HTTP port. To make the application listen on a different port set the external property management.port. To listen on a completely different network address (e.g. if you have an internal network for management and an external one for user applications) you can also set management.address to a valid IP address that the server is able to bind to.

For more detail look at the ManagementServerProperties source code and production-ready-customizing-management-server-port in the ‘Production-ready features’ section.

Customize the ‘whitelabel’ error page

Spring Boot installs a ‘whitelabel’ error page that you will see in browser client if you encounter a server error (machine clients consuming JSON and other media types should see a sensible response with the right error code).

Set server.error.whitelabel.enabled=false to switch the default error page off which will restore the default of the servlet container that you are using. Note that Spring Boot will still attempt to resolve the error view so you’d probably add you own error page rather than disabling it completely.

Overriding the error page with your own depends on the templating technology that you are using. For example, if you are using Thymeleaf you would add an error.html template and if you are using FreeMarker you would add an error.ftl template. In general what you need is a View that resolves with a name of error, and/or a @Controller that handles the /error path. Unless you replaced some of the default configuration you should find a BeanNameViewResolver in your ApplicationContext so a @Bean with id error would be a simple way of doing that. Look at ErrorMvcAutoConfiguration for more options.

See also the section on Error Handling for details of how to register handlers in the servlet container.

Sanitize sensible values

Information returned by the env and configprops endpoints can be somewhat sensitive so keys matching a certain pattern are sanitized by default (i.e. their values are replaced by ******).

Spring Boot uses sensible defaults for such keys: for instance, any key ending with the word "password", "secret", "key" or "token" is sanitized. It is also possible to use a regular expression instead, such as *credentials.* to sanitize any key that holds the word credentials as part of the key.

The patterns to use can be customized using the endpoints.env.keys-to-sanitize and endpoints.configprops.keys-to-sanitize respectively.

Actuator and Jersey

Actuator HTTP endpoints are only available for Spring MVC-based applications. If you want to use Jersey and still use the actuator you will need to enable Spring MVC (by depending on spring-boot-starter-web, for example). By default, both Jersey and the Spring MVC dispatcher servlet are mapped to the same path (/). You will need to change the path for one of them (by configuring server.servlet-path for Spring MVC or spring.jersey.application-path for Jersey). For example, if you add server.servlet-path=/system into application.properties, the actuator HTTP endpoints will be available under /system.