From 1cc0602a89ecc1dc31f2fa6022ba6b9a53585861 Mon Sep 17 00:00:00 2001
From: Markus Ofterdinger <markus.ofterdinger@sap.com>
Date: Thu, 9 Jan 2025 12:49:36 +0100
Subject: [PATCH] Remove open endpoint /actuator/health (#426)

By default, CAP Java provides the open endpoints
`actuator/health/liveness` and `actuator/health/readiness`. Both can be
used by Cf or K8s for application health checks.
There is no need for a public `actuator/health` anymore.

See also in mta.yaml:
https://github.com/SAP-samples/cloud-cap-samples-java/blob/228e05f940b4d22acc7d88c862fcb6e8c085ff40/mta-multi-tenant.yaml#L18
---
 srv/src/main/java/my/bookshop/config/WebSecurityConfig.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/srv/src/main/java/my/bookshop/config/WebSecurityConfig.java b/srv/src/main/java/my/bookshop/config/WebSecurityConfig.java
index 346a784f..18bd091b 100644
--- a/srv/src/main/java/my/bookshop/config/WebSecurityConfig.java
+++ b/srv/src/main/java/my/bookshop/config/WebSecurityConfig.java
@@ -18,7 +18,7 @@ public class WebSecurityConfig {
 
 	@Bean
 	public SecurityFilterChain configure(HttpSecurity http) throws Exception {
-		return http.securityMatchers(s -> s.requestMatchers(antMatcher("/actuator/health"), antMatcher("/swagger/**"))) //
+		return http.securityMatchers(s -> s.requestMatchers(antMatcher("/swagger/**"))) //
 				.csrf(c -> c.disable()).authorizeHttpRequests(a -> a.anyRequest().permitAll())
 				.build();
 	}