1. 首页
  2. 问答
  3. 为弹簧启动应用程序配置swagger

为弹簧启动应用程序配置swagger

2016-08-20 121 views
0

我有以下this article在我的弹簧启动应用程序上配置swagger。这里是我SwaggerConfig为弹簧启动应用程序配置swagger

package com.path.to.project.config; 

import org.springframework.context.annotation.Bean; 
import org.springframework.context.annotation.Configuration; 
import springfox.documentation.builders.PathSelectors; 
import springfox.documentation.builders.RequestHandlerSelectors; 
import springfox.documentation.spi.DocumentationType; 
import springfox.documentation.spring.web.plugins.Docket; 
import springfox.documentation.swagger2.annotations.EnableSwagger2; 

@Configuration 
@EnableSwagger2 
public class SwaggerConfig { 
    @Bean 
    public Docket api() { 
     return new Docket(DocumentationType.SWAGGER_2) 
       .select() 
       .apis(RequestHandlerSelectors.any()) 
       .paths(PathSelectors.any()) 
       .build(); 
    } 
}

这里是我的WebSecurityConfig

package com.path.to.project.config; 

import com.path.to.project.jwt.JwtAuthenticationEntryPoint; 
import com.path.to.project.jwt.JwtAuthenticationTokenFilter; 
import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.context.annotation.Bean; 
import org.springframework.context.annotation.Configuration; 
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; 
import org.springframework.security.config.annotation.web.builders.HttpSecurity; 
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 
import org.springframework.security.config.http.SessionCreationPolicy; 
import org.springframework.security.core.userdetails.UserDetailsService; 
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 
import org.springframework.security.crypto.password.PasswordEncoder; 
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; 

@Configuration 
@EnableWebSecurity 
@EnableGlobalMethodSecurity(prePostEnabled = true) 
public class WebSecurityConfig extends WebSecurityConfigurerAdapter { 

    @Autowired 
    private JwtAuthenticationEntryPoint unauthorizedHandler; 

    @Autowired 
    private UserDetailsService userDetailsService; 

    @Autowired 
    public void configureAuthentication(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception { 
     authenticationManagerBuilder.userDetailsService(userDetailsService) 
       .passwordEncoder(passwordEncoder()); 
    } 

    @Bean 
    public JwtAuthenticationTokenFilter authenticationTokenFilterBean() throws Exception { 
     return new JwtAuthenticationTokenFilter(); 
    } 

    @Override 
    protected void configure(HttpSecurity httpSecurity) throws Exception { 
     httpSecurity 
       .csrf().disable() 
       .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and() 
       .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() 
       .authorizeRequests() 
       .antMatchers("/auth/**").permitAll() 
       .antMatchers("/register/**").permitAll() 
       .antMatchers("/swagger-ui*").permitAll() 
       .antMatchers("/sysadmin/**").hasRole("SYSADMIN") 
       .antMatchers("/admin/**").hasRole("ADMIN") 
       .antMatchers("/siteadmin/**").hasRole("SITEADMIN") 
       .anyRequest().authenticated(); 

     // Custom JWT based security filter 
     httpSecurity 
       .addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class); 

    } 

    @Bean 
    public PasswordEncoder passwordEncoder() { 
     PasswordEncoder encoder = new BCryptPasswordEncoder(); 
     return encoder; 
    } 

}

所以,当我运行春天启动的应用程序(我使用的IntelliJ构建和部署JBoss上)我看到下面的UI

Swagger UI on local spring-boot app

我是缺少在这里?

来源

2016-08-20 Em Ae

+0

您是否使用JAR或WAR部署?你的JS/CSS文件目前位于哪里? – luboskrnac

回答

0

看起来像你的CSS/JS未加载。我会检查您的浏览器日志以查看使用哪个URL进行请求,并设置httpSecurity以允许这些资源加载类似于您现有的安全角色。

来源

2016-08-21 00:19:10

+0

好的谢谢你的提示。这可能是因为我的安全配置。我可以添加'.css'和'.js'文件的规则,但即使CSS/JS没有加载,为什么没有** swagger **显示我的api及其方法?它与'.css/js'没有关系? –

+0

只是猜测,但默认的Swagger UI需要从服务器访问swagger.json文件。如果'.css'和'.js'文件没有加载,那么我猜测没有加载swagger文件。 –

0

在WebSecurityConfig,添加以下规则

.antMatchers( “/ V2/API-文档”, “/配置/ UI”, “/招摇资源”, “/配置/安全”,“/招摇-ui.html“,”/ webjars/**“)。permitAll()

/v2/api-docs - 这允许spring security显示api及其方法。您可以通过在萤火虫或铬调试模式下监控网络流量来识别问题

来源

2016-10-08 02:45:49 Ramesh

相关问题

 相关问题