/**
 * Sets up request authorization: the health and info actuator endpoints are
 * open to anonymous callers, every other request needs an authenticated user,
 * and both form login and HTTP Basic are enabled.
 *
 * @param http the security builder to configure
 * @throws Exception propagated from the {@code HttpSecurity} builder calls
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // The public actuator matcher is declared before the catch-all, so the
    // catch-all only decides requests that did not match it.
    http.authorizeRequests()
        .requestMatchers(EndpointRequest.to(HealthEndpoint.class, InfoEndpoint.class))
            .permitAll()
        .anyRequest()
            .authenticated();

    // NOTE(review): health and info are reachable without credentials; confirm that
    // management.endpoint.health.show-details does not expose component details
    // (datasource, disk, broker state) to anonymous callers.
    http.formLogin();
    http.httpBasic();
}
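/**
 * Delegates to the parent class's HTTP security configuration and adds nothing
 * of its own.
 *
 * <p>The parent class is not visible here; presumably it is Spring Security's
 * {@code WebSecurityConfigurerAdapter} — confirm what defaults it applies.
 *
 * @param http the security builder to configure
 * @throws Exception propagated from {@code super.configure(http)}
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    super.configure(http);

    // Disabled alternative, kept for reference only. It used to hang off a bare
    // `http` expression, which is not a valid Java statement; the whole chain is
    // now inside the comment so the method compiles.
    //
    // NOTE(review): if this is ever re-enabled, it turns CSRF protection off and
    // ends with anyRequest().permitAll(), i.e. only the actuator endpoints would be
    // protected and every application URL would be public. Decide that explicitly.
    //
    // http
    //     .csrf().disable()
    //     .authorizeRequests()
    //     .requestMatchers(EndpointRequest.to(
    //         InfoEndpoint.class,
    //         HealthEndpoint.class
    //     )).permitAll()
    //     .requestMatchers(EndpointRequest.toAnyEndpoint())
    //         .hasRole("ACTUATOR")
    //     .anyRequest().permitAll()
    // ;
}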
/**
 * Sets up request authorization with HTTP Basic: the shutdown endpoint needs
 * the {@code ACTUATOR_ADMIN} role, all other actuator endpoints, common static
 * resources and {@code "/"} are public, and everything else needs an
 * authenticated user.
 *
 * @param http the security builder to configure
 * @throws Exception propagated from the {@code HttpSecurity} builder calls
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
        // Declared first so the broader actuator rule below cannot open it up.
        .requestMatchers(EndpointRequest.to(ShutdownEndpoint.class)).hasRole("ACTUATOR_ADMIN")
        // NOTE(review): every other actuator endpoint that is exposed over the web is
        // reachable without authentication. Check management.endpoints.web.exposure.include
        // so that endpoints such as env, heapdump or loggers are not published this way.
        .requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
        .requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
        .antMatchers("/").permitAll()
        .antMatchers("/**").authenticated();

    http.httpBasic();
}
/**
 * Sets up request authorization with HTTP Basic only: the status, info and
 * health actuator endpoints and common static resources are public, every
 * other request needs an authenticated user. Form login and CSRF protection
 * are disabled and framing is limited to the same origin.
 *
 * @param http the security builder to configure
 * @throws Exception propagated from the {@code HttpSecurity} builder calls
 */
@Override
protected void configure(final HttpSecurity http) throws Exception {
    // @formatter:off
    http.authorizeRequests()
        /* Disabled alternative that matched the health path literally:
        .requestMatchers()
        .antMatchers("/actuator/health")
        .permitAll()
        */
        .requestMatchers(EndpointRequest.to("status", "info", "health")).permitAll()
        .requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
        .anyRequest().authenticated();

    http.formLogin().disable();

    // X-Frame-Options: SAMEORIGIN, so pages can only be framed by this origin.
    http.headers().frameOptions().sameOrigin();

    // NOTE(review): CSRF protection is off while HTTP Basic is the login mechanism.
    // Browsers resend Basic credentials automatically, so this is only safe if no
    // state-changing endpoint is meant to be used from a browser; confirm.
    http.csrf().disable();
    http.httpBasic();
    // @formatter:on
}
/**
 * Sets up request authorization with HTTP Basic: {@code /admin} needs the
 * {@code ADMIN} role, info and health are public, every other actuator
 * endpoint needs {@code ACTUATOR}, common static resources are public,
 * {@code /events/**} needs {@code USER}, and all remaining paths are public.
 *
 * @param http the security builder to configure
 * @throws Exception propagated from the {@code HttpSecurity} builder calls
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
        // NOTE(review): this pattern covers /admin itself. If the application serves
        // paths beneath it (/admin/...), they are not matched here and fall through
        // to the final "/**" permitAll rule; verify against the controllers.
        .mvcMatchers("/admin").hasRole("ADMIN")
        // The two public endpoints are listed before the catch-all actuator rule.
        .requestMatchers(EndpointRequest.to("info", "health")).permitAll()
        .requestMatchers(EndpointRequest.toAnyEndpoint()).hasRole("ACTUATOR")
        .requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
        .antMatchers("/events/**").hasRole("USER")
        // NOTE(review): default-allow. Any URL added later is public unless a rule is
        // added above this line.
        .antMatchers("/**").permitAll();

    http.httpBasic();
}
}
/**
 * Disables CSRF protection, response security headers and logout handling,
 * requires a secure channel for requests that carry an
 * {@code X-Forwarded-Proto} header, and then applies the access rules
 * configured for each monitored endpoint in {@code casProperties}.
 *
 * @param http the security builder to configure
 * @throws Exception propagated from the {@code HttpSecurity} builder calls
 */
@Override
protected void configure(final HttpSecurity http) throws Exception {
    http.csrf().disable();
    // NOTE(review): this drops the security response headers the framework would
    // otherwise write; confirm they are set elsewhere (for example at a proxy).
    http.headers().disable();
    http.logout().disable();

    // Only requests that carry X-Forwarded-Proto are forced onto a secure channel;
    // requests without the header are not affected by this rule.
    // NOTE(review): presumably a trusted reverse proxy sets this header; confirm.
    http.requiresChannel()
        .requestMatchers(request -> request.getHeader("X-Forwarded-Proto") != null)
        .requiresSecure();

    val requests = http.authorizeRequests();
    configureEndpointAccessToDenyUndefined(http, requests);
    configureEndpointAccessForStaticResources(requests);

    // One pass per configured endpoint id, one rule per access entry it lists.
    val endpoints = casProperties.getMonitor().getEndpoints().getEndpoint();
    endpoints.forEach(Unchecked.biConsumer((endpointId, endpointProperties) -> {
        val matcher = EndpointRequest.to(endpointId);
        endpointProperties.getAccess().forEach(Unchecked.consumer(accessRule ->
            configureEndpointAccess(http, requests, accessRule, endpointProperties, matcher)));
    }));
}
/**
 * Configures a stateless, HTTP Basic protected chain for the requests selected
 * by {@code ActuatorRequestMatcher}: info and health need an authenticated
 * user, every other actuator endpoint needs
 * {@code DefaultPrivileges.ACCESS_ADMIN}.
 *
 * @param http the security builder to configure
 * @throws Exception propagated from the {@code HttpSecurity} builder calls
 */
protected void configure(HttpSecurity http) throws Exception {
    // No HTTP session is created, so credentials are expected on every request.
    http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    http.csrf().disable();

    // Limits this configuration to what ActuatorRequestMatcher accepts.
    // NOTE(review): the matcher's implementation is not visible here; confirm it
    // covers the whole actuator base path.
    http.requestMatcher(new ActuatorRequestMatcher());

    http.authorizeRequests()
        .requestMatchers(EndpointRequest.to(InfoEndpoint.class, HealthEndpoint.class))
            .authenticated()
        .requestMatchers(EndpointRequest.toAnyEndpoint())
            .hasAnyAuthority(DefaultPrivileges.ACCESS_ADMIN);

    http.httpBasic();
}
}