diff --git a/spring-bootstrap-actuator/src/main/java/org/springframework/bootstrap/actuate/properties/EndpointsProperties.java b/spring-bootstrap-actuator/src/main/java/org/springframework/bootstrap/actuate/properties/EndpointsProperties.java
index 70b97e9df9c..fd83566faeb 100644
--- a/spring-bootstrap-actuator/src/main/java/org/springframework/bootstrap/actuate/properties/EndpointsProperties.java
+++ b/spring-bootstrap-actuator/src/main/java/org/springframework/bootstrap/actuate/properties/EndpointsProperties.java
@@ -13,7 +13,6 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
 package org.springframework.bootstrap.actuate.properties;
 
 import javax.validation.Valid;
@@ -26,6 +25,7 @@ import org.springframework.bootstrap.context.annotation.ConfigurationProperties;
  * Externalized configuration for endpoints (e.g. paths)
  * 
  * @author Dave Syer
+ * 
  */
 @ConfigurationProperties(name = "endpoints", ignoreUnknownFields = false)
 public class EndpointsProperties {
@@ -109,4 +109,14 @@ public class EndpointsProperties {
 		}
 	}
 
+	public String[] getSecurePaths() {
+		return new String[] { getMetrics().getPath(), getBeans().getPath(),
+				getDump().getPath(), getShutdown().getPath(), getTrace().getPath() };
+	}
+
+	public String[] getOpenPaths() {
+		return new String[] { getHealth().getPath(), getInfo().getPath(),
+				getError().getPath() };
+	}
+
 }
diff --git a/spring-bootstrap-actuator/src/main/java/org/springframework/bootstrap/actuate/properties/SecurityProperties.java b/spring-bootstrap-actuator/src/main/java/org/springframework/bootstrap/actuate/properties/SecurityProperties.java
index 100cdaa8477..f6b2e8b8165 100644
--- a/spring-bootstrap-actuator/src/main/java/org/springframework/bootstrap/actuate/properties/SecurityProperties.java
+++ b/spring-bootstrap-actuator/src/main/java/org/springframework/bootstrap/actuate/properties/SecurityProperties.java
@@ -33,6 +33,8 @@ public class SecurityProperties {
 
 	private SessionCreationPolicy sessions = SessionCreationPolicy.stateless;
 
+	private String[] ignored = new String[0];
+
 	public SessionCreationPolicy getSessions() {
 		return this.sessions;
 	}
@@ -57,6 +59,14 @@ public class SecurityProperties {
 		this.requireSsl = requireSsl;
 	}
 
+	public void setIgnored(String... ignored) {
+		this.ignored = ignored;
+	}
+
+	public String[] getIgnored() {
+		return this.ignored;
+	}
+
 	public static class Basic {
 
 		private boolean enabled = true;