Support configuration of multiple management roles

Closes gh-5045

Author: vpavic

spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/CrshAutoConfiguration.java

@@ -196,8 +196,8 @@ public SpringAuthenticationProperties springAuthenticationProperties() {
 			// overridden by ConfigurationProperties.
 			SpringAuthenticationProperties authenticationProperties = new SpringAuthenticationProperties();
 			if (this.management != null) {
-				authenticationProperties.setRoles(
-						new String[] { this.management.getSecurity().getRole() });
+				List<String> roles = this.management.getSecurity().getRole();
+				authenticationProperties.setRoles(roles.toArray(new String[roles.size()]));
 			}
 			return authenticationProperties;
 		}

spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/ManagementServerProperties.java

@@ -17,6 +17,9 @@
 package org.springframework.boot.actuate.autoconfigure;
 
 import java.net.InetAddress;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
 
 import javax.validation.constraints.NotNull;
 
@@ -33,6 +36,7 @@
  *
  * @author Dave Syer
  * @author Stephane Nicoll
+ * @author Vedran Pavic
  * @see ServerProperties
  */
 @ConfigurationProperties(prefix = "management", ignoreUnknownFields = true)
@@ -160,9 +164,9 @@ public static class Security {
 		private boolean enabled = true;
 
 		/**
-		 * Role required to access the management endpoint.
+		 * Roles required to access the management endpoint.
 		 */
-		private String role = "ADMIN";
+		private List<String> role = new ArrayList<String>(Arrays.asList("ADMIN"));
 
 		/**
 		 * Session creating policy to use (always, never, if_required, stateless).
@@ -177,11 +181,11 @@ public void setSessions(SessionCreationPolicy sessions) {
 			this.sessions = sessions;
 		}
 
-		public void setRole(String role) {
+		public void setRole(List<String> role) {
 			this.role = role;
 		}
 
-		public String getRole() {
+		public List<String> getRole() {
 			return this.role;
 		}
 

spring-boot-actuator/src/main/java/org/springframework/boot/actuate/autoconfigure/ManagementWebSecurityAutoConfiguration.java

@@ -124,7 +124,7 @@ public ManagementSecurityPropertiesConfiguration(
 		public void init() {
 			if (this.management != null && this.security != null) {
 				this.security.getUser().getRole()
-						.add(this.management.getSecurity().getRole());
+						.addAll(this.management.getSecurity().getRole());
 			}
 		}
 
@@ -296,8 +296,9 @@ private void configurePermittedRequests(
 			// Permit access to the non-sensitive endpoints
 			requests.requestMatchers(new LazyEndpointPathRequestMatcher(
 					this.contextResolver, EndpointPaths.NON_SENSITIVE)).permitAll();
-			// Restrict the rest to the configured role
-			requests.anyRequest().hasRole(this.management.getSecurity().getRole());
+			// Restrict the rest to the configured roles
+			List<String> roles = this.management.getSecurity().getRole();
+			requests.anyRequest().hasAnyRole(roles.toArray(new String[roles.size()]));
 		}
 
 	}

spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc

@@ -996,7 +996,7 @@ content into your application; rather pick only the properties that you need.
 	management.context-path= # Management endpoint context-path. For instance `/actuator`
 	management.port= # Management endpoint HTTP port. Use the same port as the application by default.
 	management.security.enabled=true # Enable security.
-	management.security.role=ADMIN # Role required to access the management endpoint.
+	management.security.role=ADMIN # Roles required to access the management endpoint.
 	management.security.sessions=stateless # Session creating policy to use (always, never, if_required, stateless).
 
 	# HEALTH INDICATORS (previously health.*)

spring-boot-docs/src/main/asciidoc/production-ready-features.adoc

@@ -520,7 +520,7 @@ TIP: Generated passwords are logged as the application starts. Search for '`Usin
 security password`'.
 
 You can use Spring properties to change the username and password and to change the
-security role required to access the endpoints. For example, you might set the following
+security roles required to access the endpoints. For example, you might set the following
 in your `application.properties`:
 
 [source,properties,indent=0]