为spring boot app配置swagger

时间:2016-08-20 20:55:40

标签: intellij-idea jboss spring-boot swagger swagger-ui

我已经跟随this article在我的spring-boot应用上配置了swagger。这是我的SwaggerConfig课程

package com.path.to.project.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;

@Configuration
@EnableSwagger2
public class SwaggerConfig {
    @Bean
    public Docket api() {
        return new Docket(DocumentationType.SWAGGER_2)
                .select()
                .apis(RequestHandlerSelectors.any())
                .paths(PathSelectors.any())
                .build();
    }
}

这是我的 WebSecurityConfig 

package com.path.to.project.config;

import com.path.to.project.jwt.JwtAuthenticationEntryPoint;
import com.path.to.project.jwt.JwtAuthenticationTokenFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private JwtAuthenticationEntryPoint unauthorizedHandler;

    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    public void configureAuthentication(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.userDetailsService(userDetailsService)
                .passwordEncoder(passwordEncoder());
    }

    @Bean
    public JwtAuthenticationTokenFilter authenticationTokenFilterBean() throws Exception {
        return new JwtAuthenticationTokenFilter();
    }

    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity
                .csrf().disable()
                .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
                .authorizeRequests()
                .antMatchers("/auth/**").permitAll()
                .antMatchers("/register/**").permitAll()
                .antMatchers("/swagger-ui*").permitAll()
                .antMatchers("/sysadmin/**").hasRole("SYSADMIN")
                .antMatchers("/admin/**").hasRole("ADMIN")
                .antMatchers("/siteadmin/**").hasRole("SITEADMIN")
                .anyRequest().authenticated();

        // Custom JWT based security filter
        httpSecurity
                .addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);

    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        PasswordEncoder encoder = new BCryptPasswordEncoder();
        return encoder;
    }

}

所以当我运行spring-boot应用程序(我使用intellij在JBoss上构建和部署)时,我看到了以下UI

Swagger UI on local spring-boot app

我在这里缺少什么?

2 个答案:

答案 0 :(得分:0)

看起来你的CSS / JS没有加载。我会检查您的浏览器日志以查看用于发出请求的URL,并设置httpSecurity以允许这些资源加载类似于您现有的安全角色。

答案 1 :(得分:0)

在WebSecurityConfig中,添加以下规则

.antMatchers(" / v2 / api-docs"," / configuration / ui"," / swagger-resources"," / configuration / security"," /swagger-ui.html" ;," / webjars / **")。permitAll()

/ v2 / api-docs - 这允许spring security显示api及其方法。您可以通过监视firebug或chrome调试模式中的网络流量来识别问题

相关问题
最新问题