From 10e9371bb27ccae7b4c0efddb95deebfc7fe507b Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Thu, 11 May 2023 02:45:57 +0300
Subject: Fix Actuator security configuration

---
 src/main/java/com/juick/config/SecurityConfig.java | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'src/main/java')

diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java
index 41992e03..8a41ab5b 100644
--- a/src/main/java/com/juick/config/SecurityConfig.java
+++ b/src/main/java/com/juick/config/SecurityConfig.java
@@ -242,7 +242,6 @@ public class SecurityConfig {
                         .requestMatchers("/settings", "/pm/**", "/**/bl", "/_twitter", "/post",
                                 "/comment")
                         .authenticated()
-                        .requestMatchers("/actuator/**").hasRole("ADMIN")
                         .anyRequest().permitAll())
                 .anonymous(anonymous -> anonymous.principal(JuickUser.ANONYMOUS_USER)
                         .authorities(JuickUser.ANONYMOUS_AUTHORITY))
@@ -267,4 +266,10 @@ public class SecurityConfig {
                 .headers().defaultsDisabled().cacheControl();
         return http.build();
     }
+    @Bean
+    public SecurityFilterChain securityWebFilterChain(
+            HttpSecurity http) throws Exception {
+        return http.securityMatcher("/actuator/**")
+                .authorizeHttpRequests(authorize -> authorize.anyRequest().hasRole("ADMIN")).build();
+    }
 }
-- 
cgit v1.2.3