I have an embedded Spring boot app with a Nuxt/VueJS frontend and I need to enable access to cockpit (for just some admin users).
I’ve got to proxy most of the paths but the authentication process is failing. I saw some topics here and looks like there’s some security issues related to it.
So I have some questions:
- Is there a detailed documentation where I can find what headers should be added/changed?
- is there a way to disable such validation or just make it less restrictive?
- Would it be possible (and make some sense) to remove webapps from my spring app and start a separated vanilla instance with only cockpit/admin? In this case this new instance should not start any job executor (since all business classes would be in the ‘main’ instance), while I could scale up new ‘main’ instances without loading webapps, possibly reducing the loading time.