WebWolf DataSource Discovery

webgoat-container/src/main/java/org/owasp/webgoat/WebSecurityConfig.java

@@ -58,7 +58,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     protected void configure(HttpSecurity http) throws Exception {
         ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry security = http
                 .authorizeRequests()
-                .antMatchers("/css/**", "/images/**", "/js/**", "fonts/**", "/plugins/**", "/registration", "/register.mvc").permitAll()
+                .antMatchers("/css/**", "/images/**", "/js/**", "fonts/**", "/plugins/**", "/registration", "/register.mvc", "/actuator/**").permitAll()
                 .anyRequest().authenticated();
         security.and()
                 .formLogin()

webgoat-container/src/main/resources/application-webgoat.properties

@@ -55,4 +55,8 @@ exclude.categories=${EXCLUDE_CATEGORIES:none,none}
 #exclude based on the enum of the Category
 
 exclude.lessons=${EXCLUDE_LESSONS:none,none}
-#exclude based on the class name of a lesson e.g.: LessonTemplate
+#exclude based on the class name of a lesson e.g.: LessonTemplate
+
+management.health.db.enabled=true
+management.endpoint.health.show-details=always
+management.endpoints.web.exposure.include=health,configprops