diff --git a/activiti-cloud-runtime-bundle-service/activiti-cloud-starter-runtime-bundle/src/test/java/org/activiti/cloud/starter/tests/security/TestActuatorSecurityIT.java b/activiti-cloud-runtime-bundle-service/activiti-cloud-starter-runtime-bundle/src/test/java/org/activiti/cloud/starter/tests/security/TestActuatorSecurityIT.java
index a94b3e2c455..5780f05136c 100644
--- a/activiti-cloud-runtime-bundle-service/activiti-cloud-starter-runtime-bundle/src/test/java/org/activiti/cloud/starter/tests/security/TestActuatorSecurityIT.java
+++ b/activiti-cloud-runtime-bundle-service/activiti-cloud-starter-runtime-bundle/src/test/java/org/activiti/cloud/starter/tests/security/TestActuatorSecurityIT.java
@@ -23,13 +23,9 @@
 import org.activiti.cloud.services.test.containers.RabbitMQContainerApplicationInitializer;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.SpringBootConfiguration;
-import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
-import org.springframework.boot.info.BuildProperties;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
-import org.springframework.boot.test.mock.mockito.MockBean;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.web.servlet.MockMvc;
@@ -43,16 +39,9 @@ public class TestActuatorSecurityIT {
 @Autowired
 private MockMvc mockMvc;
- @MockBean
- private BuildProperties buildProperties;
-
- @Autowired(required = false)
+ @Autowired
 private CommonSecurityAutoConfiguration commonSecurityAutoConfiguration;
- @SpringBootConfiguration
- @EnableAutoConfiguration
- static class Application {}
-
 @Test
 public void should_getActuatorLoggersAndReturnUnauthorized() throws Exception {
 mockMvc.perform(get("/actuator/loggers")).andExpect(status().isUnauthorized());
@@ -62,4 +51,9 @@ public void should_getActuatorLoggersAndReturnUnauthorized() throws Exception {
 public void should_getActuatorHealthAndReturn200ok() throws Exception {
 mockMvc.perform(get("/actuator/health")).andExpect(status().isOk());
 }
+
+ @Test
+ public void should_getActuatorInfoAndReturn200ok() throws Exception {
+ mockMvc.perform(get("/actuator/info")).andExpect(status().isOk());
+ }
 }
diff --git a/activiti-cloud-service-common/activiti-cloud-services-common-security/src/main/java/org/activiti/cloud/services/common/security/config/CommonSecurityAutoConfiguration.java b/activiti-cloud-service-common/activiti-cloud-services-common-security/src/main/java/org/activiti/cloud/services/common/security/config/CommonSecurityAutoConfiguration.java
index 5c558448bdb..fd7b3f704c3 100644
--- a/activiti-cloud-service-common/activiti-cloud-services-common-security/src/main/java/org/activiti/cloud/services/common/security/config/CommonSecurityAutoConfiguration.java
+++ b/activiti-cloud-service-common/activiti-cloud-services-common-security/src/main/java/org/activiti/cloud/services/common/security/config/CommonSecurityAutoConfiguration.java
@@ -17,6 +17,7 @@
 import com.github.benmanes.caffeine.cache.Caffeine;
 import feign.RequestInterceptor;
+import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
 import org.activiti.api.runtime.shared.security.PrincipalGroupsProvider;
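Review bot: `should_getActuatorInfoAndReturn200ok` in TestActuatorSecurityIT asserts only the status code, so it pins that `/actuator/info` answers a request sent without credentials but would stay green if the response began to carry environment or git details. A one-line comment above the test, e.g. `// sent without credentials on purpose: info is a public endpoint`, would make the intent explicit. If the expected payload for this bundle is known, an assertion on the body would turn the test into a guard against accidental disclosure.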
@@ -239,7 +240,12 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 private RequestMatcher actuatorEndpointsMatcher() {
 RequestMatcher actuatorMatcher = new AntPathRequestMatcher("/actuator/**");
 RequestMatcher healthMatcher = new AntPathRequestMatcher("/actuator/health/**");
- return request -> actuatorMatcher.matches(request) && !healthMatcher.matches(request);
+ RequestMatcher infoMatcher = new AntPathRequestMatcher("/actuator/info/**");
+
+ List excludeMatchers = Arrays.asList(healthMatcher, infoMatcher);
+
+ return request ->
+ actuatorMatcher.matches(request) && excludeMatchers.stream().noneMatch(matcher -> matcher.matches(request));
 }
 @Bean
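Review bot: Adding `/actuator/info/**` to `excludeMatchers` in `actuatorEndpointsMatcher()` takes the info endpoint out of the set this matcher selects, so whatever the application's info contributors publish is presumably served without the check that `filterChain` applies to the other actuator paths (its body is outside the hunk), and nothing here records that this is intended. I would add a comment above `excludeMatchers` such as `// health and info are deliberately left out of the protected actuator set; keep info contributors (build, git, env) free of sensitive values`. A deployment that sets `management.info.env.enabled=true` or `management.info.git.mode=full` would publish more than a version string through this path, so that caveat belongs in the comment or in the module documentation.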