From c6480e025bd235c4353bf37fd2eca34f6c765c42 Mon Sep 17 00:00:00 2001
From: Tim Schimandle <tschiman@gmail.com>
Date: Wed, 5 Oct 2016 07:18:23 -0600
Subject: [PATCH] BAEL-315 change access in the config server to only users
 with SYSTEM level access.

---
 .../baeldung/spring/cloud/bootstrap/config/SecurityConfig.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spring-cloud/spring-cloud-bootstrap/config/src/main/java/com/baeldung/spring/cloud/bootstrap/config/SecurityConfig.java b/spring-cloud/spring-cloud-bootstrap/config/src/main/java/com/baeldung/spring/cloud/bootstrap/config/SecurityConfig.java
index b0e5d17698..4c3bd905cc 100644
--- a/spring-cloud/spring-cloud-bootstrap/config/src/main/java/com/baeldung/spring/cloud/bootstrap/config/SecurityConfig.java
+++ b/spring-cloud/spring-cloud-bootstrap/config/src/main/java/com/baeldung/spring/cloud/bootstrap/config/SecurityConfig.java
@@ -23,7 +23,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
     protected void configure(HttpSecurity http) throws Exception {
         http
                 .authorizeRequests()
-                    .anyRequest().authenticated()
+                    .anyRequest().hasRole("SYSTEM")
                 .and()
                     .httpBasic()
                 .and()