Vault authentication uses non-existing token instead of spring.cloud.config.server.vault.authentication #3172
Description
Describe the bug
For composite vault sources, a basic config server with spring cloud 4.2 used the authentication configuration in spring.cloud.config.server.vault for composite vault sources.
The same code updated to spring boot 3.5 / spring cloud starter 2025.0 + spring cloud 4.3 falls back to token authentication and fails because no token is configured (Missing required header in HttpServletRequest: X-Config-Token).
This might be related to 1a34bbe, but neither the documentation nor the release notes mention anything about it.
Sample configuration:
spring:
profiles:
active: composite
cloud:
config:
server:
bootstrap: false
composite:
- type: native
search-locations: local
- type: vault # no authentication, should be inherited from spring.cloud.config.server.vault
# works with spring cloud 4.2 but not with 5.0
host: vault-host
port: 443
scheme: https
kvVersion: 2
backend: vault/backend/another/path
vault:
host: vault-host
port: 443
scheme: https
kvVersion: 2
backend: vault/backend/path
authentication: KUBERNETES
kubernetes:
role: config-server-role
kubernetes-path: kubernetes