add :: exporter endpoint sercurity config

GSM-MSG · Feb 2, 2024 · 1a73074 · 1a73074
1 parent ebfac56
commit 1a73074
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/src/main/kotlin/com/msg/gauth/global/security/SecurityConfig.kt b/src/main/kotlin/com/msg/gauth/global/security/SecurityConfig.kt
@@ -4,9 +4,12 @@ import com.fasterxml.jackson.databind.ObjectMapper
 import com.msg.gauth.global.security.config.FilterConfig
 import com.msg.gauth.global.security.jwt.JwtTokenProvider
 import com.msg.gauth.global.security.jwt.TokenParser
+import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest
+import org.springframework.boot.actuate.autoconfigure.security.servlet.SecurityRequestMatchersManagementContextConfiguration
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.http.HttpMethod
+import org.springframework.security.config.Customizer.withDefaults
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.http.SessionCreationPolicy
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
@@ -15,6 +18,7 @@ import org.springframework.security.web.SecurityFilterChain
 import org.springframework.security.web.util.matcher.RequestMatcher
 import org.springframework.web.cors.CorsUtils
 
+
 @Configuration
 class SecurityConfig(
     private val jwtTokenProvider: JwtTokenProvider,
@@ -88,6 +92,11 @@ class SecurityConfig(
             .antMatchers(HttpMethod.POST, "/image").authenticated()
             .antMatchers(HttpMethod.DELETE, "/image").authenticated()
 
+            // Actuator
+            .antMatchers(HttpMethod.GET, "/actuator/health").hasRole("ADMIN")
+            .antMatchers(HttpMethod.GET, "/actuator/info").hasRole("ADMIN")
+            .antMatchers(HttpMethod.GET, "/actuator/prometheus").hasRole("ADMIN")
+
             .anyRequest().denyAll()
             .and()
             .exceptionHandling()