enableByDefault is a parameter in the @Endpoint annotation that controls whether the custom actuator endpoint is automatically enabled or requires explicit configuration.
enableByDefault Details:
Syntax:
@Endpoint(id = "course", enableByDefault = false)
Default Value:
enableByDefault = true (if not specified)
Behavior:
When enableByDefault = true (default):
✅ Endpoint is automatically available
✅ Accessible at /actuator/course without additional config
✅ Enabled by management.endpoints.web.exposure.include=*
When enableByDefault = false:
❌ Endpoint is disabled by default
❌ Not accessible even with exposure.include=*
✅ Must be explicitly enabled in application.properties
Example Usage:
@Component
@Endpoint(id = "course", enableByDefault = false)
public class CourseEndpoint {// ... methods
}
To enable when enableByDefault = false:
Add to application.properties:management.endpoint.course.enabled=true
Use Cases:
enableByDefault = true (default):
- Production-ready endpoints
- Safe for general use
- Standard monitoring endpoints
enableByDefault = false:
- Sensitive operations (like your delete methods)
- Debug/development endpoints
- Potentially dangerous operations
- Endpoints requiring explicit opt-in
Security Consideration:
The endpoint has @DeleteOperation methods that can delete courses. Consider using: @Endpoint(id = "course", enableByDefault = false)
This ensures the delete functionality isn't accidentally exposed in production without explicit configuration.
)
