Diffstat (limited to 'src/main/java/org/berzerkula/builddb')
-rw-r--r--src/main/java/org/berzerkula/builddb/config/SecurityConfig.java13
1 files changed, 8 insertions, 5 deletions
diff --git a/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java b/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java
index 5a971d9..da4b088 100644
--- a/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java
+++ b/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java
@@ -21,11 +21,9 @@ public class SecurityConfig {
//.requiresChannel(channel -> channel.anyRequest().requiresSecure())
.authorizeHttpRequests( auth -> auth
.requestMatchers("/").permitAll()
+ .requestMatchers("/actuator/health","/actuator/info").permitAll()
.requestMatchers("/actuator/**").hasRole(BuilddbConstants.ROLE_ADMIN)
- .requestMatchers("/env/**").hasRole(BuilddbConstants.ROLE_ADMIN)
- .requestMatchers("/health/**").hasRole(BuilddbConstants.ROLE_ADMIN)
- .requestMatchers("/info/**").hasRole(BuilddbConstants.ROLE_ADMIN)
- .requestMatchers("/contact").permitAll()
+ .requestMatchers("/contact").permitAll()
.requestMatchers("/pkgs/**").hasRole(BuilddbConstants.ROLE_CLIENT)
.requestMatchers("/register").permitAll()
.requestMatchers("/login").permitAll()
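Review bot: The added `permitAll()` on `/actuator/health` and `/actuator/info` makes both endpoints readable without authentication, so their content now matters: health component details and the build/git/environment data published by info are controlled by management properties that this diff does not show. Confirm health details stay restricted (for example `management.endpoint.health.show-details=when-authorized`) and record the intent above the line, e.g. `// health/info are anonymous for monitoring; keep show-details restricted and info free of internal data`. The matcher is exact-path, so sub-paths such as `/actuator/health/liveness` still hit the admin-only `/actuator/**` rule; if probes are meant to be anonymous that should be an explicit decision rather than a later widening to `/actuator/health/**`. The removed `/env/**`, `/health/**` and `/info/**` rules now fall through to whatever catch-all closes the `authorizeHttpRequests` chain, which continues outside this hunk, so that final rule should be authenticated or deny-by-default.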
@@ -39,7 +37,12 @@ public class SecurityConfig {
.defaultSuccessUrl("/", true)
)
.logout(config -> config.logoutSuccessUrl("/"))
- .build();
+ .headers(headers -> headers
+ .httpStrictTransportSecurity(hsts -> hsts
+ .includeSubDomains(true)
+ .maxAgeInSeconds(40)
+ .preload(false)))
+ .build();
}