迁移到Java 17后，即使在配置中忽略，Swagger UI也会提示登录

au9on6nz 于 10个月前发布在 Java

关注(0)|答案(1)|浏览(186)

<dependency>
     <groupId>io.springfox</groupId>
     <artifactId>springfox-swagger2</artifactId>
     <version>2.9.2</version>
 </dependency>

 <dependency>
      <groupId>io.springfox</groupId>
      <artifactId>springfox-bean-validators</artifactId>
      <version>2.9.2</version>
 </dependency>

 <dependency>
      <groupId>io.springfox</groupId>
      <artifactId>springfox-swagger-ui</artifactId>
      <version>2.9.2</version>
 </dependency>

// Web Security Config 

public static final String[] excludedURLs = {
            "/swagger-ui.html", "/webjars/**", "/swagger-resources/**", "/v2/**"};
@Bean
    public WebSecurityCustomizer webSecurityCustomizer() {
        return (web) -> web.ignoring().antMatchers(excludedURLs);
    }

@Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.authenticationProvider(XXXXAPIAuthenticationProvider)
                     .httpBasic()
                     .and()
                     .authorizeRequests()
                     .antMatchers(excludedURLs).permitAll()
                    .anyRequest().authenticated()
                    .and()
                    .addFilter(getXXXXXBasicAuthenticationFilter())
                    .addFilterBefore(getOktaAuthFilter(), XXXXXXBasicAuthenticationFilter.class)
                    .csrf().disable();

        return http.build();
    }

// Swagger Config

@Profile({"Test","STAGE"})
@Configuration
@EnableSwagger2
public class SwaggerConfig {

    private static final String AUTHORIZATION_HEADER = "Authorization";
    public static final String DEFAULT_INCLUDE_PATTERN = "/.*";

    @Bean
    public Docket api() {
        Docket docket=new Docket(DocumentationType.SWAGGER_2)
                .securityContexts(Lists.newArrayList(securityContext()))
                .securitySchemes(Lists.newArrayList(apiKey()))
                .useDefaultResponseMessages(false)
                .select()
                .apis(RequestHandlerSelectors
                        .basePackage("com.XXXX.XXXX.controllers"))
                .paths(regex("/.*"))
                .build()
                .apiInfo(apiEndPointsInfo());
        docket = docket.select()
                .paths(regex(DEFAULT_INCLUDE_PATTERN))
                .build();

        return docket;
    }

字符串
我看过下面的帖子
为什么springfox-swagger 2 UI告诉我“无法推断基本url”。
https://github.com/springfox/springfox/issues/2191
https://github.com/springfox/springfox/issues/2907的
Unable to infer base url... springfox-swagger2 version 2.9.2的
请让我知道我错过了什么

Java

来源：https://stackoverflow.com/questions/75156723/swagger-ui-is-prompting-for-login-even-after-ignoring-in-configuration-after-mig

1条答案

按热度按时间

pgccezyw1#

旧的swagger（<= 2.9.2或v1/docs，v2/docs）不能与Java 17或更高版本一起工作，因此我升级了Swagger以使用开放API。在应用程序pom.xml中的maven依赖项下方添加

<dependency>
      <groupId>org.springdoc</groupId>
      <artifactId>springdoc-openapi-ui</artifactId>
      <version>1.6.15</version>
  </dependency>

字符串
删除了所有与版本2.9.2相关的swagger相关的依赖项，也不需要显式定义SwaggerConfig.java删除了此类。
只需在spring安全配置中允许所有路径“/v3/api-docs/”，“/swagger-ui/”，如下所示，swagger UI就可以打开而无需提示任何身份验证。

public static final String[] excludedURLs = {"/v3/api-docs/**", "/swagger-ui/**"};

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.authenticationProvider(xxxAPIAuthenticationProvider)
                .httpBasic()
                .and()
                .authorizeRequests()
                .antMatchers(excludedURLs).permitAll()
                .anyRequest().authenticated();

   return http.build();

}

型

赞(0）回复(0）举报 10个月前

我来回答

迁移到Java 17后，即使在配置中忽略，Swagger UI也会提示登录

1条答案

相关问题

热门标签

最新问答