enable actuator security in config server

Author: chidov

config/Dockerfile

@@ -4,6 +4,6 @@ MAINTAINER Alexander Lukyanchikov <[email protected]>
 ADD ./target/config.jar /app/
 CMD ["java", "-Xmx200m", "-jar", "/app/config.jar"]
 
-HEALTHCHECK --interval=10s --timeout=3s CMD curl -f http://localhost:8888/health || exit 1
+HEALTHCHECK --interval=10s --timeout=3s CMD curl -f http://localhost:8888/actuator/health || exit 1
 
 EXPOSE 8888

config/src/main/java/com/piggymetrics/config/SecurityConfig.java

@@ -0,0 +1,24 @@
+package com.piggymetrics.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+/**
+ * @author cdov
+ */
+@Configuration
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.csrf().disable();
+        http
+            .authorizeRequests()
+                .antMatchers("/actuator/**").permitAll()
+                .anyRequest().authenticated()
+            .and()
+                .httpBasic()
+                ;
+    }
+}