From 9d2bc02acbefce52e546032effe6ea5c95f111c3 Mon Sep 17 00:00:00 2001
From: yoonho
Date: Fri, 28 Nov 2025 12:16:04 +0900
Subject: [PATCH] =?UTF-8?q?hotfix:=20Security=20Config=20=EC=88=98?= =?UTF-8?q?=EC=A0=95=20-=20actuator=20path=20=EC=84=A4=EC=A0=95=20-=20?= =?UTF-8?q?=EC=97=90=EB=9F=AC=20=EB=A1=9C=EA=B7=B8=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../com/earseo/gateway/common/config/WebSecurityConfig.java | 1 +
 .../gateway/common/exception/GlobalExceptionHandler.java | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/main/java/com/earseo/gateway/common/config/WebSecurityConfig.java b/src/main/java/com/earseo/gateway/common/config/WebSecurityConfig.java
index cb8292e..f2a8639 100644
--- a/src/main/java/com/earseo/gateway/common/config/WebSecurityConfig.java
+++ b/src/main/java/com/earseo/gateway/common/config/WebSecurityConfig.java
@@ -41,6 +41,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 .requestMatchers("/api/user/**").hasAnyAuthority("USER", "ADMIN")
 .requestMatchers("/api/admin/**").hasAuthority("ADMIN")
 .requestMatchers("/api/**").permitAll()
+ .requestMatchers("/actuator/**").permitAll()
 .anyRequest().authenticated())
 .exceptionHandling(exceptionHandler -> exceptionHandler
 .authenticationEntryPoint(customAuthenticationEntryPoint)
diff --git a/src/main/java/com/earseo/gateway/common/exception/GlobalExceptionHandler.java b/src/main/java/com/earseo/gateway/common/exception/GlobalExceptionHandler.java
index 37e9a0e..95a7e1e 100644
--- a/src/main/java/com/earseo/gateway/common/exception/GlobalExceptionHandler.java
+++ b/src/main/java/com/earseo/gateway/common/exception/GlobalExceptionHandler.java
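Review bot: The added `.requestMatchers("/actuator/**").permitAll()` opens every Actuator endpoint under that path to unauthenticated callers, not only the health probe. Which endpoints are actually served depends on `management.endpoints.web.exposure.include`, which is not visible in this patch; if anything beyond health is exposed (environment, heap dump, route listings and similar), it becomes readable without credentials on what is presumably an externally reachable gateway. I would narrow the rule to `.requestMatchers("/actuator/health/**").permitAll()` and follow it with `.requestMatchers("/actuator/**").hasAuthority("ADMIN")`, or serve Actuator on a separate management port that is not routed externally. The body of securityFilterChain starts and ends outside the hunk.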
@@ -48,7 +48,7 @@ public ResponseEntity> handleValidationException(MethodArgu
 @ExceptionHandler(AuthenticationException.class)
 public ResponseEntity> handleAuthenticationException(AuthenticationException e) {
- log.warn("리소스 없음: ", e);
+ log.warn("UNAUTHORIZED: ", e);
 return ResponseEntity
 .status(HttpStatus.UNAUTHORIZED)
 .body(BaseResponse.onFailure("UNAUTHORIZED", "401", null));
@@ -56,7 +56,7 @@ public ResponseEntity> handleAuthenticationException(Authen
 @ExceptionHandler(AccessDeniedException.class)
 public ResponseEntity> handleAccessDeniedException(AccessDeniedException e) {
- log.warn("리소스 없음: ", e);
+ log.warn("FORBIDDEN: ", e);
 return ResponseEntity
 .status(HttpStatus.FORBIDDEN)
 .body(BaseResponse.onFailure("FORBIDDEN", "403", null));
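Review bot: Passing the exception as the last argument in `log.warn("UNAUTHORIZED: ", e)` writes a full stack trace at WARN for every rejected request, and the same applies to `log.warn("FORBIDDEN: ", e)` in the second hunk. On a gateway, 401 and 403 responses are routine and can be produced at will by unauthenticated clients, so this inflates log volume and buries the events an alerting rule would key on. Assuming `log` is an SLF4J-style logger, one-line records such as `log.warn("UNAUTHORIZED: {}", e.getMessage());` and `log.warn("FORBIDDEN: {}", e.getMessage());` keep the signal, and the stack trace can move to DEBUG. Both handler bodies end outside their hunks.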