2016-08-20 159 views
0

我有以下this article在我的彈簧啓動應用程序上配置swagger。這裏是我SwaggerConfig爲彈簧啓動應用程序配置swagger

package com.path.to.project.config; 

import org.springframework.context.annotation.Bean; 
import org.springframework.context.annotation.Configuration; 
import springfox.documentation.builders.PathSelectors; 
import springfox.documentation.builders.RequestHandlerSelectors; 
import springfox.documentation.spi.DocumentationType; 
import springfox.documentation.spring.web.plugins.Docket; 
import springfox.documentation.swagger2.annotations.EnableSwagger2; 

@Configuration 
@EnableSwagger2 
public class SwaggerConfig { 
    @Bean 
    public Docket api() { 
     return new Docket(DocumentationType.SWAGGER_2) 
       .select() 
       .apis(RequestHandlerSelectors.any()) 
       .paths(PathSelectors.any()) 
       .build(); 
    } 
} 

這裏是我的WebSecurityConfig

package com.path.to.project.config; 

import com.path.to.project.jwt.JwtAuthenticationEntryPoint; 
import com.path.to.project.jwt.JwtAuthenticationTokenFilter; 
import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.context.annotation.Bean; 
import org.springframework.context.annotation.Configuration; 
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; 
import org.springframework.security.config.annotation.web.builders.HttpSecurity; 
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 
import org.springframework.security.config.http.SessionCreationPolicy; 
import org.springframework.security.core.userdetails.UserDetailsService; 
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 
import org.springframework.security.crypto.password.PasswordEncoder; 
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; 

@Configuration 
@EnableWebSecurity 
@EnableGlobalMethodSecurity(prePostEnabled = true) 
public class WebSecurityConfig extends WebSecurityConfigurerAdapter { 

    @Autowired 
    private JwtAuthenticationEntryPoint unauthorizedHandler; 

    @Autowired 
    private UserDetailsService userDetailsService; 

    @Autowired 
    public void configureAuthentication(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception { 
     authenticationManagerBuilder.userDetailsService(userDetailsService) 
       .passwordEncoder(passwordEncoder()); 
    } 

    @Bean 
    public JwtAuthenticationTokenFilter authenticationTokenFilterBean() throws Exception { 
     return new JwtAuthenticationTokenFilter(); 
    } 

    @Override 
    protected void configure(HttpSecurity httpSecurity) throws Exception { 
     httpSecurity 
       .csrf().disable() 
       .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and() 
       .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() 
       .authorizeRequests() 
       .antMatchers("/auth/**").permitAll() 
       .antMatchers("/register/**").permitAll() 
       .antMatchers("/swagger-ui*").permitAll() 
       .antMatchers("/sysadmin/**").hasRole("SYSADMIN") 
       .antMatchers("/admin/**").hasRole("ADMIN") 
       .antMatchers("/siteadmin/**").hasRole("SITEADMIN") 
       .anyRequest().authenticated(); 

     // Custom JWT based security filter 
     httpSecurity 
       .addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class); 

    } 

    @Bean 
    public PasswordEncoder passwordEncoder() { 
     PasswordEncoder encoder = new BCryptPasswordEncoder(); 
     return encoder; 
    } 

} 

所以,當我運行春天啓動的應用程序(我使用的IntelliJ構建和部署JBoss上)我看到下面的UI

Swagger UI on local spring-boot app

我是缺少在這裏?

+0

您是否使用JAR或WAR部署?你的JS/CSS文件目前位於哪裏? – luboskrnac

回答

0

看起來像你的CSS/JS未加載。我會檢查您的瀏覽器日誌以查看使用哪個URL進行請求,並設置httpSecurity以允許這些資源加載類似於您現有的安全角色。

+0

好的謝謝你的提示。這可能是因爲我的安全配置。我可以添加'.css'和'.js'文件的規則,但即使CSS/JS沒有加載,爲什麼沒有** swagger **顯示我的api及其方法?它與'.css/js'沒有關係? –

+0

只是猜測,但默認的Swagger UI需要從服務器訪問swagger.json文件。如果'.css'和'.js'文件沒有加載,那麼我猜測沒有加載swagger文件。 –

0

在WebSecurityConfig,添加以下規則

.antMatchers( 「/ V2/API-文檔」, 「/配置/ UI」, 「/招搖資源」, 「/配置/安全」,「/招搖-ui.html「,」/ webjars/**「)。permitAll()

/v2/api-docs - 這允許spring security顯示api及其方法。您可以通過在螢火蟲或鉻調試模式下監控網絡流量來識別問題

相關問題