.csrf()
.ignoringAntMatchers("/remote-api/**")
.ignoringAntMatchers("/api/publicdata/**")
+ .ignoringAntMatchers("/api/inject/**")
.ignoringAntMatchers("/healthcheck")
.ignoringAntMatchers("/websocket/**")
.and()
.antMatchers("/api/logs/**").hasAuthority(AuthoritiesConstants.ADMIN)
.antMatchers("/api/audits/**").hasAuthority(AuthoritiesConstants.ADMIN)
.antMatchers("/api/publicdata/**").permitAll()
+ .antMatchers("/api/inject/**").permitAll()
.antMatchers("/api/**").authenticated()
.antMatchers("/metrics/**").hasAuthority(AuthoritiesConstants.ADMIN)
.antMatchers("/health/**").hasAuthority(AuthoritiesConstants.ADMIN)