Update SecurityConfig.java

Yashmerino · Nov 23, 2024 · 39286e0 · 39286e0
1 parent 15de895
commit 39286e0
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/online-shop-server/src/main/java/com/yashmerino/online/shop/security/SecurityConfig.java b/online-shop-server/src/main/java/com/yashmerino/online/shop/security/SecurityConfig.java
@@ -66,6 +66,15 @@ public class SecurityConfig {
             "/swagger-ui/**"
     };
 
+    /**
+     * Endpoints for Actuator.
+     */
+    private static final String[] ACTUATOR_WHITELIST = {
+        "/actuator/**",
+        "/actuator/health",
+        "/actuator/info"
+    };
+
     /**
      * Regex for all the endpoints related to authentication/authorization.
      */
@@ -150,6 +159,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                         .requestMatchers(HttpMethod.DELETE, PRODUCTS_ALL_ENDPOINTS).hasAuthority(Role.SELLER.name())
                         .requestMatchers(HttpMethod.GET, CATEGORIES_ALL_ENDPOINTS).hasAnyAuthority(Role.SELLER.name(), Role.USER.name())
                         .requestMatchers(SWAGGER_WHITELIST).permitAll()
+                        .requestMatchers(ACTUATOR_WHITELIST).permitAll()
                         .anyRequest()
                         .authenticated())
                 .httpBasic();