@Configuration(proxyBeanMethods=false) @ConditionalOnClass(value=org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.class) @ConditionalOnMissingBean(value=org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.class) @ConditionalOnWebApplication(type=SERVLET) @AutoConfigureBefore(value=SecurityAutoConfiguration.class) @AutoConfigureAfter(value={HealthEndpointAutoConfiguration.class,InfoEndpointAutoConfiguration.class,WebEndpointAutoConfiguration.class,OAuth2ClientAutoConfiguration.class,OAuth2ResourceServerAutoConfiguration.class,Saml2RelyingPartyAutoConfiguration.class}) @Import(value={org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityConfigurerAdapter.class,WebSecurityEnablerConfiguration.class}) public class ManagementWebSecurityAutoConfiguration extends Object
Auto-configuration
for Spring Security when actuator is
on the classpath. Specifically, it permits access to the health and info endpoints
while securing everything else.