diff options
Diffstat (limited to 'runtime-acm/src/main/java')
| -rw-r--r-- | runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java b/runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java index d38771d78..e8b28079b 100644 --- a/runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java +++ b/runtime-acm/src/main/java/org/onap/policy/clamp/acm/runtime/config/SecurityConfig.java @@ -20,6 +20,7 @@ package org.onap.policy.clamp.acm.runtime.config; +import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; @@ -30,20 +31,35 @@ import org.springframework.security.web.SecurityFilterChain; */ @Configuration public class SecurityConfig { + @Value("${metrics.security.disabled}") + private boolean disableMetricsSecurity; /** * Return the configuration of how access to this module's REST end points is secured. * * @param http the HTTP security settings * @return the HTTP security settings */ + @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - http - .httpBasic() - .and() - .authorizeHttpRequests().anyRequest().authenticated() - .and() - .csrf().disable(); + if (disableMetricsSecurity) { + http + .httpBasic() + .and() + .authorizeHttpRequests(request -> + request + .antMatchers("/prometheus").permitAll() + .anyRequest().authenticated()) + .csrf().disable(); + } else { + http + .httpBasic() + .and() + .authorizeHttpRequests().anyRequest().authenticated() + .and() + .csrf().disable(); + } + return http.build(); } } |