Regarding this addon (GitHub - cuba-platform/cuba-jm: CUBA app component that brings JavaMelody monitoring functionality), I think you guys have a security issue:
GitHub documentation says -
Configure monitoring dashboard authorization credentials with cubajm.authorizedUserLogin & cubajm.authorizedUserPassword application properties. The default values are admin, admin;
I did that, and it works for the middleware monitoring (/app-core/core-jm/). Though, for web client monitoring (/app/web-jm/) it doesn’t, but it works with the default admin/admin.
Do you know how can I just disable the web client monitoring for now?
I really like the tool and I want to enable it in production.