Diffstat (limited to 'src/main/java/org/berzerkula/builddb/config/SecurityConfig.java')
-rw-r--r-- | src/main/java/org/berzerkula/builddb/config/SecurityConfig.java | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java b/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java index 8d8b4b7..36229e3 100644 --- a/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java +++ b/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java @@ -15,20 +15,19 @@ import org.springframework.security.web.SecurityFilterChain; @EnableMethodSecurity public class SecurityConfig { + private static final String[] ADMINLIST = {"/admin", "/actuator/beans", "/actuator/env", "actuator/metrics", "/actuator/shutdown"}; + private static final String[] CLIENTLIST = {"/client", "/pkgs/**"}; + private static final String[] WHITELIST = {"/", "/register", "/login", "/actuator/health", "/actuator/info", "/contact"}; + @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { return http .securityMatcher("/**") //.requiresChannel(channel -> channel.anyRequest().requiresSecure()) .authorizeHttpRequests( auth -> auth - .requestMatchers("/").permitAll() - .requestMatchers("/actuator/health","/actuator/info").permitAll() - .requestMatchers("/actuator/beans", "/actuator/env", "actuator/metrics", "/actuator/shutdown").hasRole(BuilddbConstants.ROLE_ADMIN) - .requestMatchers("/contact").permitAll() - .requestMatchers("/pkgs/**").hasRole(BuilddbConstants.ROLE_CLIENT) - .requestMatchers("/register").permitAll() - .requestMatchers("/login").permitAll() - .requestMatchers("/logout").authenticated() + .requestMatchers(WHITELIST).permitAll() + .requestMatchers(ADMINLIST).hasRole(BuilddbConstants.ROLE_ADMIN) + .requestMatchers(CLIENTLIST).hasRole(BuilddbConstants.ROLE_CLIENT) .anyRequest().authenticated() ) .csrf(csrf -> csrf |
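Review bot: The `ADMINLIST` entry `"actuator/metrics"` has no leading slash, so it probably never matches the request path `/actuator/metrics`. That endpoint would then fall through to `.anyRequest().authenticated()` and be readable by any logged-in user, not only `ROLE_ADMIN`; the entry should read `"/actuator/metrics"`. The typo was carried over from the removed matcher line, and moving it into a constant is a good moment to fix it. Listing actuator endpoints one by one also leaves any other exposed endpoint at the authenticated-only level, so consider a single `"/actuator/**"` admin entry, since `WHITELIST` is matched first and still keeps `/actuator/health` and `/actuator/info` public. Likewise `"/admin"` and `"/client"` match only those exact paths, and the `securityFilterChain` body continues past the end of this hunk, so the rest of the chain is not visible here.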