From b837163c7911388262ca4be3edd38e2e7e8d025c Mon Sep 17 00:00:00 2001
From: anhefti <andreas.hefti@let.ethz.ch>
Date: Wed, 20 Dec 2023 12:19:53 +0100
Subject: [PATCH] make actuator optional

---
 .../webservice/weblayer/WebServiceSecurityConfig.java       | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/WebServiceSecurityConfig.java b/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/WebServiceSecurityConfig.java
index 826cbfa7..f21732bc 100644
--- a/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/WebServiceSecurityConfig.java
+++ b/src/main/java/ch/ethz/seb/sebserver/webservice/weblayer/WebServiceSecurityConfig.java
@@ -92,7 +92,7 @@ public class WebServiceSecurityConfig extends WebSecurityConfigurerAdapter {
     private String adminAPIEndpoint;
     @Value("${sebserver.webservice.api.exam.endpoint}")
     private String examAPIEndpoint;
-    @Value("${management.endpoints.web.base-path}")
+    @Value("${management.endpoints.web.base-path:NONE}")
     private String actuatorEndpoint;
     @Value("${sebserver.webservice.http.redirect.gui}")
     private String unauthorizedRedirect;
@@ -181,6 +181,10 @@ public class WebServiceSecurityConfig extends WebSecurityConfigurerAdapter {
 
     @Bean
     protected ResourceServerConfiguration sebServerActuatorResources() throws Exception {
+        if ("NONE".equals(this.actuatorEndpoint)) {
+            return null;
+        }
+
         return new ActuatorResourceServerConfiguration(
                 this.tokenStore,
                 this.webServiceClientDetails,