Fail fast when base path and an endpoint mapping are set to '/'

YongGoose · philwebb · commit 8f535b266cc4 · 2025-04-22T11:59:51.000-07:00
Throw an exception if actuator is running on the main server port and the base path and an individual mapping are set to '/'. See gh-45251 Signed-off-by: yongjunhong <dev.yongjunh@gmail.com>
diff --git a/spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/endpoint/web/servlet/WebMvcEndpointManagementContextConfiguration.java b/spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/endpoint/web/servlet/WebMvcEndpointManagementContextConfiguration.java
@@ -69,6 +69,7 @@
  *
  * @author Andy Wilkinson
  * @author Phillip Webb
+ * @author Yongjun Hong
  * @since 2.0.0
  */
 @ManagementContextConfiguration(proxyBeanMethods = false)
@@ -93,6 +94,18 @@ public WebMvcEndpointHandlerMapping webEndpointServletHandlerMapping(WebEndpoint
 		allEndpoints.addAll(controllerEndpointsSupplier.getEndpoints());
 		String basePath = webEndpointProperties.getBasePath();
 		EndpointMapping endpointMapping = new EndpointMapping(basePath);
+
+		if (basePath.isEmpty() && ManagementPortType.get(environment).equals(ManagementPortType.SAME)) {
+			for (ExposableWebEndpoint endpoint : webEndpoints) {
+				if ("/".equals(endpoint.getRootPath())) {
+					throw new IllegalStateException(
+							"Management endpoints and endpoint path are both mapped to '/' on the server port which will "
+									+ "block access to other endpoints. Please use a different path for management endpoints or "
+									+ "map them to a dedicated management port.");
+				}
+			}
+		}
+
 		boolean shouldRegisterLinksMapping = shouldRegisterLinksMapping(webEndpointProperties, environment, basePath);
 		return new WebMvcEndpointHandlerMapping(endpointMapping, webEndpoints, endpointMediaTypes,
 				corsProperties.toCorsConfiguration(), new EndpointLinksResolver(allEndpoints, basePath),
diff --git a/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator/src/test/java/smoketest/actuator/ManagementEndpointConflictSmokeTest.java b/spring-boot-tests/spring-boot-smoke-tests/spring-boot-smoke-test-actuator/src/test/java/smoketest/actuator/ManagementEndpointConflictSmokeTest.java
@@ -0,0 +1,27 @@
+package smoketest.actuator;
+
+import org.junit.jupiter.api.Test;
+
+import org.springframework.beans.factory.BeanCreationException;
+import org.springframework.boot.SpringApplication;
+
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+
+/**
+ * Verifies that an exception is thrown when management and server endpoint paths
+ * conflict.
+ *
+ * @author Yongjun Hong
+ */
+class ManagementEndpointConflictSmokeTest {
+
+	@Test
+	void shouldThrowExceptionWhenManagementAndServerPathsConflict() {
+		assertThatThrownBy(() -> {
+			SpringApplication.run(SampleActuatorApplication.class, "--management.endpoints.web.base-path=/",
+					"--management.endpoints.web.path-mapping.health=/");
+		}).isInstanceOf(BeanCreationException.class)
+			.hasMessageContaining("Management endpoints and endpoint path are both mapped to '/'");
+	}
+
+}
