diff --git a/spring-boot-modules/spring-boot-actuator/pom.xml b/spring-boot-modules/spring-boot-actuator/pom.xml
index a808b8cb1b..3cb324a0b8 100644
--- a/spring-boot-modules/spring-boot-actuator/pom.xml
+++ b/spring-boot-modules/spring-boot-actuator/pom.xml
@@ -28,6 +28,10 @@
org.springframework.boot
spring-boot-starter-data-jpa
+
+ org.springframework.boot
+ spring-boot-starter-security
+
com.h2database
h2
@@ -44,6 +48,11 @@
+
+ org.springframework.security
+ spring-security-test
+ test
+
@@ -53,6 +62,7 @@
spring-boot-maven-plugin
com.baeldung.probes.ProbesApplication
+ com.baeldung.endpoints.enabling.EndpointEnablingApplication
diff --git a/spring-boot-modules/spring-boot-actuator/src/main/java/com/baeldung/endpoints/enabling/EndpointEnablingApplication.java b/spring-boot-modules/spring-boot-actuator/src/main/java/com/baeldung/endpoints/enabling/EndpointEnablingApplication.java
new file mode 100644
index 0000000000..2e8024dcd5
--- /dev/null
+++ b/spring-boot-modules/spring-boot-actuator/src/main/java/com/baeldung/endpoints/enabling/EndpointEnablingApplication.java
@@ -0,0 +1,15 @@
+package com.baeldung.endpoints.enabling;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
+
+@SpringBootApplication(exclude = { SecurityAutoConfiguration.class, ManagementWebSecurityAutoConfiguration.class }, scanBasePackages = "com.baeldung.endpoints.enabling")
+public class EndpointEnablingApplication {
+
+ public static void main(String[] args) {
+ SpringApplication.run(EndpointEnablingApplication.class, args);
+ }
+
+}
diff --git a/spring-boot-modules/spring-boot-actuator/src/main/java/com/baeldung/endpoints/enabling/SecurityConfiguration.java b/spring-boot-modules/spring-boot-actuator/src/main/java/com/baeldung/endpoints/enabling/SecurityConfiguration.java
new file mode 100644
index 0000000000..24b78642f2
--- /dev/null
+++ b/spring-boot-modules/spring-boot-actuator/src/main/java/com/baeldung/endpoints/enabling/SecurityConfiguration.java
@@ -0,0 +1,36 @@
+package com.baeldung.endpoints.enabling;
+
+import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
+ auth.inMemoryAuthentication()
+ .withUser("user")
+ .password(encoder.encode("password"))
+ .roles("USER")
+ .and()
+ .withUser("admin")
+ .password(encoder.encode("admin"))
+ .roles("USER", "ADMIN");
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.requestMatcher(EndpointRequest.toAnyEndpoint())
+ .authorizeRequests((requests) -> requests.anyRequest()
+ .hasRole("ADMIN"));
+ http.httpBasic();
+ }
+}
diff --git a/spring-boot-modules/spring-boot-actuator/src/main/resources/application.properties b/spring-boot-modules/spring-boot-actuator/src/main/resources/application.properties
index de7be417a8..e69c763eeb 100644
--- a/spring-boot-modules/spring-boot-actuator/src/main/resources/application.properties
+++ b/spring-boot-modules/spring-boot-actuator/src/main/resources/application.properties
@@ -11,3 +11,6 @@ info.app.name=Spring Sample Application
info.app.description=This is my first spring boot application G1
info.app.version=1.0.0
info.java-vendor = ${java.specification.vendor}
+
+management.endpoints.web.exposure.include=*
+management.endpoint.shutdown.enabled=true
diff --git a/spring-boot-modules/spring-boot-actuator/src/test/java/com/baeldung/endpoints/enabling/EndpointEnablingIntegrationTest.java b/spring-boot-modules/spring-boot-actuator/src/test/java/com/baeldung/endpoints/enabling/EndpointEnablingIntegrationTest.java
new file mode 100644
index 0000000000..8a9dd4ca72
--- /dev/null
+++ b/spring-boot-modules/spring-boot-actuator/src/test/java/com/baeldung/endpoints/enabling/EndpointEnablingIntegrationTest.java
@@ -0,0 +1,36 @@
+package com.baeldung.endpoints.enabling;
+
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.web.servlet.MockMvc;
+
+@SpringBootTest
+@AutoConfigureMockMvc
+public class EndpointEnablingIntegrationTest {
+ @Autowired
+ private MockMvc mockMvc;
+
+ @Test
+ @WithMockUser(username = "user", password = "password", roles = "USER")
+ public void givenWrongAuthentication_whenCallingActuator_thenReturns401() throws Exception {
+ mockMvc.perform(get("/actuator"))
+ .andExpect(status().isForbidden());
+ }
+
+ @Test
+ @WithMockUser(username = "admin", password = "admin", roles = "ADMIN")
+ public void givenProperAuthentication_whenCallingActuator_thenReturnsExpectedEndpoints() throws Exception {
+ mockMvc.perform(get("/actuator"))
+ .andExpect(jsonPath("$._links").exists())
+ .andExpect(jsonPath("$._links.beans").exists())
+ .andExpect(jsonPath("$._links.env").exists())
+ .andExpect(jsonPath("$._links.shutdown").exists());
+ }
+}