health check 추가

This commit is contained in:
Hyojin Ahn 2026-06-09 12:32:15 -04:00
parent b5a4a2195c
commit e8eb4381f2
2 changed files with 5 additions and 0 deletions

View File

@ -24,6 +24,7 @@ dependencies {
implementation 'org.springframework.boot:spring-boot-starter-security' implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'org.springframework.boot:spring-boot-starter-web' implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.springframework.boot:spring-boot-starter-validation' implementation 'org.springframework.boot:spring-boot-starter-validation'
implementation 'org.springframework.boot:spring-boot-starter-actuator'
// OpenAPI / Swagger UI // OpenAPI / Swagger UI
implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.1.0' implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.1.0'

View File

@ -18,6 +18,9 @@ import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter; import org.springframework.web.filter.CorsFilter;
import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
import org.springframework.boot.actuate.health.HealthEndpoint;
@Configuration @Configuration
@EnableMethodSecurity // @PreAuthorize 사용 가능 @EnableMethodSecurity // @PreAuthorize 사용 가능
@RequiredArgsConstructor @RequiredArgsConstructor
@ -31,6 +34,7 @@ public class SecurityConfig {
.csrf(csrf -> csrf.disable()) // CSRF 비활성화 (API 서버라면 stateless) .csrf(csrf -> csrf.disable()) // CSRF 비활성화 (API 서버라면 stateless)
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) // 세션 사용 안함 .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) // 세션 사용 안함
.authorizeHttpRequests(auth -> auth .authorizeHttpRequests(auth -> auth
.requestMatchers(EndpointRequest.to(HealthEndpoint.class)).permitAll()
.requestMatchers("/swagger-ui/**", "/v3/api-docs/**").permitAll() .requestMatchers("/swagger-ui/**", "/v3/api-docs/**").permitAll()
.requestMatchers("/ext/**").permitAll() .requestMatchers("/ext/**").permitAll()
.requestMatchers("/scheduler/**").permitAll() .requestMatchers("/scheduler/**").permitAll()