Removing required auth for "/actuator/**" endpoints

application/module-certificate/src/main/java/org/fuseri/modulecertificate/config/AppSecurityConfig.java

@@ -17,7 +17,11 @@ public class AppSecurityConfig {
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception { httpSecurity.csrf().disable();
         httpSecurity.authorizeHttpRequests(x -> x
-                .requestMatchers("/swagger-ui/**", "/v3/api-docs/**", "/datainitializer").permitAll()
+                .requestMatchers(
+                        "/actuator/**",
+                        "/swagger-ui/**",
+                        "/v3/api-docs/**",
+                        "/datainitializer").permitAll()
 
                 .requestMatchers(HttpMethod.POST, "/certificates/**").hasAnyAuthority( "SCOPE_test_1", "SCOPE_test_2")
                 .requestMatchers(HttpMethod.GET, "/certificates/**").hasAnyAuthority("SCOPE_test_1")

application/module-exercise/src/main/java/org/fuseri/moduleexercise/config/AppSecurityConfig.java

@@ -20,7 +20,11 @@ public class AppSecurityConfig {
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
         httpSecurity.csrf().disable();
         httpSecurity.authorizeHttpRequests(x -> x
-                .requestMatchers("/swagger-ui/**", "/v3/api-docs/**", "/datainitializer").permitAll()
+                .requestMatchers(
+                        "/actuator/**",
+                        "/swagger-ui/**",
+                        "/v3/api-docs/**",
+                        "/datainitializer").permitAll()
 
                 .requestMatchers(HttpMethod.POST, "/answers/**").hasAnyAuthority("SCOPE_test_1", "SCOPE_test_2")
                 .requestMatchers(HttpMethod.DELETE, "/answers/**").hasAnyAuthority("SCOPE_test_1", "SCOPE_test_2")

application/module-language-school/src/main/java/org/fuseri/modulelanguageschool/config/AppSecurityConfig.java

@@ -21,7 +21,11 @@ public class AppSecurityConfig {
         httpSecurity.csrf().disable();
         httpSecurity.authorizeHttpRequests(x -> x
                 // "/users/register" is for automatic registering upon authentication
-                .requestMatchers("/swagger-ui/**", "/v3/api-docs/**", "/datainitializer").permitAll()
+                .requestMatchers(
+                        "/actuator/**",
+                        "/swagger-ui/**",
+                        "/v3/api-docs/**",
+                        "/datainitializer").permitAll()
 
                 // PUT
                 .requestMatchers(HttpMethod.PUT, "/courses/**").hasAnyAuthority("SCOPE_test_1", "SCOPE_test_2")

application/module-mail/src/main/java/org/fuseri/modulemail/service/AppSecurityConfig.java

 package org.fuseri.modulemail.service;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
@@ -19,7 +18,10 @@ public class AppSecurityConfig {
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
         httpSecurity.csrf().disable();
         httpSecurity.authorizeHttpRequests(x -> x
-                .requestMatchers("/swagger-ui/**", "/v3/api-docs/**").permitAll()
+                .requestMatchers(
+                        "/actuator/**",
+                        "/swagger-ui/**",
+                        "/v3/api-docs/**").permitAll()
            .anyRequest().authenticated()
 
         ).oauth2ResourceServer(OAuth2ResourceServerConfigurer::opaqueToken)