Extra Unknown endpoints getting added to spring boot application

Question

I am creating a spring boot application. I am adding few endpoints to it. In that process some of the endpoints are secure and some are not.

Once the application is installed I am getting some extra endpoints giving application info which are not even exposed.

Example: Some of the exposed endpoints are

@RestController
@RequestMapping("/category/v1")
public class ControllerClass {
     @RequestMapping(value="/pillars", method=RequestMethod.GET)
     public String pillarGetMethod() {
       //method
     }

     @RequestMapping(value="/frameworks", method=RequestMethod.GET)
     public String frameworkGetMethod() {
       //method
     }
}

Now expectation is we will have

• /category/v1/pillars
• /category/v1/frameworks

should get exposed.

But with that

• /pillars
• /frameworks

is also getting exposed with response as

{
  "_embedded" : {
    "pillars" : [ {

    } ]
  },
  "_links" : {
    "self" : {
      "href" : "http://<ip>/pillars{?page,size,sort}",
      "templated" : true
    },
    "profile" : {
      "href" : "http://<ip>/profile/pillars"
    },
    "search" : {
      "href" : "http://<ip>/pillars/search"
    }
  },
  "page" : {
    "size" : 20,
    "totalElements" : 5,
    "totalPages" : 1,
    "number" : 0
  }
}

I need help on understanding the output and also how I can stop this from getting exposed.

Answer 1

My guess is you defined something like :

public class PillarRepository extends CrudRepository<Pillar, String> { ... }

public class FrameworkPillarRepository extends CrudRepository<Pillar, String> { ... }

If so, the underlying resources are exposed automatically by Spring Boot/Spring Data Rest, unless you annotate the repositories with @RepositoryRestResource(exported = false).

If you just wish to reproduce the automatic GET behavior, but with a custom path, use the path option.