Commit Graph

2 Commits

Author SHA1 Message Date
Johnny Lim
acc36c076d Polish
See gh-8004
2017-01-17 09:53:50 +01:00
Madhura Bhave
4ea47220e9 Match nested paths for insensitive actuators
Update `ManagementWebSecurityAutoConfiguration` to match nested path
for insensitive actuators.

Prior to this commit, when Spring Security was on the classpath
nested paths were considered sensitive (even if the actuator
endpoint was not sensitive). i.e. when setting
`endpoints.env.sensitive=false` `/env` could be accessed without
authentication but `/env/user` could not.

Fixes gh-7868
Closes gh-7881
2017-01-05 18:45:30 -08:00