diff --git a/spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/FeaturesEndpoint.java b/spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/FeaturesEndpoint.java index b2bc1e037f..d6cf1eb781 100644 --- a/spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/FeaturesEndpoint.java +++ b/spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/FeaturesEndpoint.java @@ -7,7 +7,7 @@ import java.util.Map; import java.util.concurrent.ConcurrentHashMap; @Component -@Endpoint(id = "features", enableByDefault = true) +@Endpoint(id = "features") public class FeaturesEndpoint { private Map features = new ConcurrentHashMap<>(); diff --git a/spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/Spring5ReactiveApplication.java b/spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/Spring5ReactiveApplication.java index 03943d436d..600bff5948 100644 --- a/spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/Spring5ReactiveApplication.java +++ b/spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/Spring5ReactiveApplication.java @@ -4,7 +4,7 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @SpringBootApplication -public class Spring5ReactiveApplication{ +public class Spring5ReactiveApplication { public static void main(String[] args) { SpringApplication.run(Spring5ReactiveApplication.class, args); diff --git a/spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/WebSecurityConfig.java b/spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/WebSecurityConfig.java index 07f805fea4..384e26ac8c 100644 --- a/spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/WebSecurityConfig.java +++ b/spring-5-reactive-security/src/main/java/com/baeldung/reactive/actuator/WebSecurityConfig.java @@ -1,10 +1,7 @@ package com.baeldung.reactive.actuator; -import org.springframework.boot.actuate.autoconfigure.security.reactive.EndpointRequest; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity; import org.springframework.security.config.web.server.ServerHttpSecurity; import org.springframework.security.web.server.SecurityWebFilterChain; @@ -12,17 +9,15 @@ import org.springframework.security.web.server.SecurityWebFilterChain; @Configuration @EnableWebFluxSecurity public class WebSecurityConfig { - - + @Bean public SecurityWebFilterChain securitygWebFilterChain( ServerHttpSecurity http) { - return http - - .authorizeExchange() - .matchers(EndpointRequest.to( - FeaturesEndpoint.class - )).permitAll().anyExchange().permitAll().and().csrf().disable().build(); + + return http.authorizeExchange() + .pathMatchers("/actuator/**").permitAll() + .anyExchange().authenticated() + .and().build(); } - + } diff --git a/spring-5-reactive-security/src/main/java/com/baeldung/reactive/security/SecurityConfig.java b/spring-5-reactive-security/src/main/java/com/baeldung/reactive/security/SecurityConfig.java index 225f78b3f7..64e96ddae1 100644 --- a/spring-5-reactive-security/src/main/java/com/baeldung/reactive/security/SecurityConfig.java +++ b/spring-5-reactive-security/src/main/java/com/baeldung/reactive/security/SecurityConfig.java @@ -21,12 +21,12 @@ public class SecurityConfig { @Bean public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) { return http.authorizeExchange() - .pathMatchers("/", "/admin") + .pathMatchers("/admin") .hasAuthority("ROLE_ADMIN") .matchers(EndpointRequest.to(FeaturesEndpoint.class)) .permitAll() .anyExchange() - .permitAll() + .authenticated() .and() .formLogin() .and()