FDP-94: Enable unauthorized access to actuator endpoints

Signed-off-by: Sander Verbruggen <[email protected]>

application/src/main/java/org/gxf/soapbridge/application/configuration/SoapEndpointMapping.java

@@ -20,6 +20,11 @@ public SoapEndpointMapping(final SoapEndpoint soapEndpoint) {
 
   @Override
   protected Object getHandlerInternal(@NotNull final HttpServletRequest request) {
-    return soapEndpoint;
+    if (request.getServletPath().startsWith("/actuator")) {
+      // Let Spring handle this routing
+      return null;
+    } else {
+      return soapEndpoint;
+    }
   }
 }

application/src/main/kotlin/org/gxf/soapbridge/configuration/SecurityConfiguration.kt

@@ -18,6 +18,7 @@ class SecurityConfiguration {
     fun filterChain(http: HttpSecurity): SecurityFilterChain =
         http.authorizeHttpRequests {
             it
+                .requestMatchers("/actuator/**").permitAll()
                 .anyRequest().authenticated()
         }.x509 {
             it

application/src/main/resources/application-dev.yml

@@ -3,7 +3,6 @@ logging:
     org:
       gxf:
         soapbridge: DEBUG
-
 spring:
   kafka:
     bootstrap-servers: localhost:9092
@@ -46,3 +45,14 @@ soap:
     port: 443
     protocol: https
   time-out: 45
+
+management:
+  server:
+    port: 8888
+  #    ssl:
+  #      enabled: false
+  #      client-auth: none
+  endpoints:
+    web:
+      exposure:
+        include: health