From 4029a3f5475633dff3603675255eeef8e2f9d912 Mon Sep 17 00:00:00 2001
From: Tim Schimandle <tschiman@gmail.com>
Date: Mon, 3 Oct 2016 18:18:30 -0600
Subject: [PATCH] BAEL-315 really lock down the discovery server

---
 .../spring/cloud/bootstrap/discovery/SecurityConfig.java        | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/spring-cloud/spring-cloud-bootstrap/discovery/src/main/java/com/baeldung/spring/cloud/bootstrap/discovery/SecurityConfig.java b/spring-cloud/spring-cloud-bootstrap/discovery/src/main/java/com/baeldung/spring/cloud/bootstrap/discovery/SecurityConfig.java
index f6bd0ca167..20a7fdeda1 100644
--- a/spring-cloud/spring-cloud-bootstrap/discovery/src/main/java/com/baeldung/spring/cloud/bootstrap/discovery/SecurityConfig.java
+++ b/spring-cloud/spring-cloud-bootstrap/discovery/src/main/java/com/baeldung/spring/cloud/bootstrap/discovery/SecurityConfig.java
@@ -40,6 +40,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
     protected void configure(HttpSecurity http) throws Exception {
         http
                 .authorizeRequests()
+                    .antMatchers("/eureka/js/**","/eureka/css/**","/eureka/images/**","/eureka/fonts/**").authenticated()
+                    .antMatchers("/eureka/**").hasRole("SYSTEM")
                     .antMatchers(HttpMethod.GET, "/").hasRole("ADMIN")
                     .anyRequest().authenticated()
                 .and()