001/* 002 * Copyright 2012-2017 the original author or authors. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016 017package org.springframework.boot.cloudfoundry; 018 019import org.springframework.context.annotation.Configuration; 020import org.springframework.security.config.annotation.web.builders.HttpSecurity; 021import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 022 023/** 024 * Example for custom Cloud Foundry actuator ignored paths. 025 * 026 * @author Phillip Webb 027 */ 028public class CloudFoundryIgnorePathsExample { 029 030 @Configuration 031 static class CustomSecurityConfiguration extends WebSecurityConfigurerAdapter { 032 033 // @formatter:off 034 // tag::security[] 035 @Override 036 protected void configure(HttpSecurity http) throws Exception { 037 http 038 .authorizeRequests() 039 .mvcMatchers("/cloudfoundryapplication/**") 040 .permitAll() 041 .mvcMatchers("/mypath") 042 .hasAnyRole("SUPERUSER") 043 .anyRequest() 044 .authenticated().and() 045 .httpBasic(); 046 } 047 // end::security[] 048 // @formatter:on 049 050 } 051 052}