diff --git a/bookstore/pom.xml b/bookstore/pom.xml
index 172cd9a..7a0e86e 100644
--- a/bookstore/pom.xml
+++ b/bookstore/pom.xml
@@ -83,6 +83,14 @@
runtime
+
+
+ org.springframework.boot
+ spring-boot-starter-actuator
+
+
diff --git a/bookstore/src/main/java/com/fjordtek/bookstore/config/WebSecurityConfig.java b/bookstore/src/main/java/com/fjordtek/bookstore/config/WebSecurityConfig.java
index ccd45e3..98683f0 100644
--- a/bookstore/src/main/java/com/fjordtek/bookstore/config/WebSecurityConfig.java
+++ b/bookstore/src/main/java/com/fjordtek/bookstore/config/WebSecurityConfig.java
@@ -89,7 +89,12 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity
- .antMatcher(env.getProperty("spring.data.rest.base-path") + "/**")
+ .requestMatchers()
+ .antMatchers(
+ env.getProperty("spring.data.rest.base-path") + "/**",
+ env.getProperty("page.url.actuator") + "/**"
+ )
+ .and()
.authorizeRequests(
authorize -> authorize
.anyRequest().hasAuthority(env.getProperty("auth.authority.admin"))
@@ -133,7 +138,9 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
env.getProperty("page.url.resources.images") + "/**"
// "/favicon.ico",
).permitAll()
- .antMatchers(env.getProperty("page.url.apiref") + "/**")
+ .antMatchers(
+ env.getProperty("page.url.apiref") + "/**"
+ )
.hasAuthority(env.getProperty("auth.authority.admin"))
.anyRequest()
.authenticated()
diff --git a/bookstore/src/main/resources/website.properties b/bookstore/src/main/resources/website.properties
index d7150ee..665c526 100644
--- a/bookstore/src/main/resources/website.properties
+++ b/bookstore/src/main/resources/website.properties
@@ -24,6 +24,7 @@ page.url.apiref = /apiref
page.url.autherror = /autherror
page.url.error = /error
+page.url.actuator = /actuator
# BookRestController
# Public JSON end points