Using a config server with Git and Vault, I now centralize logging. However, the server requires an X-Config-Token header. How can I bypass this?
logging_setup:
file_path: ${config.endpoint}/${service.id}/${environment}/prod/appender.xml
hey i faced this issue before, ended up writin a custom filter to skip token check. its a bit hacki but did the trick. maybe adjust it for your needs, seems to work fine!
hey ppl im kinda curious if any of u tried using interceptors to bypss the token req? maybe modfyng vault config or something similar might help. what did u all end up doing?
hey, i tried tweakin my config to use separate routes so the token isnt needed. kinda hacky yet worked for us. how do others feel bout bypassing that security on specific endpoints? any gotchas yall encountered?
Integrating security and logging in a centralized configuration always requires a careful balance between convenience and maintainability. In my experience, a more robust approach than bypassing the token check was to configure the client to automatically append the token header when making calls to the config server. This can be achieved by customizing the underlying HTTP client or by setting up an interceptor that ensures the X-Config-Token header is consistently added. Such a solution maintains the security model while streamlining log configuration retrieval.