Java swagger ui没有获取Spring MVC api的api信息
我正在使用SpringMVC和SpringSecurity,我想带上Swagger文档。我遵循教程,在url…/v2/api文档下获得了完整的json文档 但是,当我打开Swigger ui时,我在url下看到了一个错误页面…/swagger-ui.html,就像屏幕截图上的一样:一切都未定义,他看不到我的api。 我知道有时候,招摇过市的Ui会遇到Spring设置,请求不会被安全性过滤掉。这可能是本案的问题吗?我可以关掉什么使它工作 或者它可能是用Java swagger ui没有获取Spring MVC api的api信息,java,spring-mvc,spring-security,swagger-ui,Java,Spring Mvc,Spring Security,Swagger Ui,我正在使用SpringMVC和SpringSecurity,我想带上Swagger文档。我遵循教程,在url…/v2/api文档下获得了完整的json文档 但是,当我打开Swigger ui时,我在url下看到了一个错误页面…/swagger-ui.html,就像屏幕截图上的一样:一切都未定义,他看不到我的api。 我知道有时候,招摇过市的Ui会遇到Spring设置,请求不会被安全性过滤掉。这可能是本案的问题吗?我可以关掉什么使它工作 或者它可能是用@ControllerAdvice标记的类的
@ControllerAdvice
标记的类的问题。我将其用于ExceptionResolver:
@ControllerAdvice
public class ExceptionResolver extends AbstractHandlerExceptionResolver{...}
以下是我的Maven片段:
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
<version>2.6.0</version>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger-ui</artifactId>
<version>2.6.0</version>
</dependency>
伊奥·斯普林福克斯
springfox-Swagger 2
2.6.0
伊奥·斯普林福克斯
springfox招摇过市用户界面
2.6.0
更新我的安全配置
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter{
private UserDetailsService userDetailsService;
private PreAuthenticatedAuthenticationProvider preAuthenticatedProvider;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
Map<String, List<GrantedAuthority>> rolesAuthorities = userDao.getRolesWithAutorities();
userDetailsService = new CustomUserDetailsService();
UserDetailsByNameServiceWrapper<PreAuthenticatedAuthenticationToken> wrapper =
new UserDetailsByNameServiceWrapper<PreAuthenticatedAuthenticationToken>(userDetailsService);
preAuthenticatedProvider = new PreAuthenticatedAuthenticationProvider();
preAuthenticatedProvider.setPreAuthenticatedUserDetailsService(wrapper);
auth.authenticationProvider(preAuthenticatedProvider);
preAuthenticatedProvider.setThrowExceptionWhenTokenRejected(true);
}
@Override //(does not help)
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/**/v2/api-docs/**",
"/**/configuration/ui/**", "/**/swagger-resources/**", "/**/configuration/security/**", "/**/swagger-ui.html");
}
@Bean
public SmUserFailureHandler smUserFailureHandler(){
return new SmUserFailureHandler();
}
@Bean
public AccessDeniedHandler accessDeniedHandler(){
AccessDeniedHandlerImpl handler = new AccessDeniedHandlerImpl();
handler.setErrorPage("/errorpage/");
return handler;
}
public RequestHeaderAuthenticationFilter siteMinderFilter() throws Exception
{
RequestHeaderAuthenticationFilter siteMinderFilter = new DelegateRequestMatchingFilter(
new OrRequestMatcher(new AntPathRequestMatcher("...**"),
new AntPathRequestMatcher("..."),
smUserFailureHandler());
siteMinderFilter.setPrincipalRequestHeader("SM_USER");
siteMinderFilter.setAuthenticationManager(authenticationManager());
siteMinderFilter.setContinueFilterChainOnUnsuccessfulAuthentication(false);
siteMinderFilter.setExceptionIfHeaderMissing(false);
return siteMinderFilter;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
...
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER);
RequestHeaderAuthenticationFilter smFilter = siteMinderFilter();
http.addFilter(smFilter);
ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = http.authorizeRequests();
http = registry.and();
http.formLogin().loginPage("/resource/User/Login/").failureHandler(smUserFailureHandler());
http.formLogin().failureUrl("/resource/User/Login/").failureHandler(smUserFailureHandler());
http.csrf().disable();
http.headers().cacheControl().disable();
}
}
@配置
@启用Web安全性
@EnableGlobalMethodSecurity(Prespenabled=true)
公共类安全配置扩展了WebSecurity配置适配器{
私有用户详细信息服务用户详细信息服务;
私人预验证验证提供者预验证提供者;
@自动连线
public void configureGlobal(AuthenticationManagerBuilder auth)引发异常{
Map rolesAuthorities=userDao.getRolesWithAutorities();
userDetailsService=新的CustomUserDetailsService();
UserDetailsByNameServiceWrapper=
新的UserDetailsByNameServiceWrapper(userDetailsService);
preAuthenticatedProvider=新的PreAuthenticatedAuthenticationProvider();
preAuthenticatedProvider.setPreAuthenticatedUserDetailsService(包装器);
身份验证提供者(预身份验证提供者);
预验证Provider.SetThroweExceptionWhenTokenRejected(true);
}
@覆盖//(没有帮助)
public void configure(WebSecurity web)引发异常{
忽略().antMatchers(“/**/v2/api docs/**”,
“/**/configuration/ui/**”、“/**/swagger资源/**”、“/**/configuration/security/**”、“/**/swagger ui.html”);
}
@豆子
公共SmUserFailureHandler SmUserFailureHandler(){
返回新的SmUserFailureHandler();
}
@豆子
公共AccessDeniedHandler AccessDeniedHandler(){
AccessDeniedHandlerImpl处理程序=新的AccessDeniedHandlerImpl();
handler.setErrorPage(“/errorpage/”);
返回处理程序;
}
public RequestHeaderAuthenticationFilter siteMinderFilter()引发异常
{
RequestHeaderAuthenticationFilter siteMinderFilter=新建DelegateRequestMatchingFilter(
新的OrRequestMatcher(新的AntPathRequestMatcher(“…**”),
新的AntPathRequestMatcher(“…”),
smUserFailureHandler());
setPrincipalRequestHeader(“SM_用户”);
setAuthenticationManager(authenticationManager());
siteMinderFilter.setContinueFilterChainOnUnsuccessfulAuthentication(false);
siteMinderFilter.setExceptionIfHeaderMissing(false);
返回站点MinderFilter;
}
@凌驾
受保护的无效配置(HttpSecurity http)引发异常{
...
http.sessionManagement().sessionCreationPolicy(sessionCreationPolicy.NEVER);
RequestHeaderAuthenticationFilter smFilter=siteMinderFilter();
http.addFilter(smFilter);
ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry=http.authorizeRequests();
http=registry.and();
http.formLogin().loginPage(“/resource/User/Login/”).failureHandler(smUserFailureHandler());
http.formLogin().failureUrl(“/resource/User/Login/”).failureHandler(smUserFailureHandler());
http.csrf().disable();
http.headers().cacheControl().disable();
}
}
您可能需要在spring安全配置中启用对swagger端点的访问
以下是springfox创建的端点:
2017-05-10 15:07:15.141 INFO 22472 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/v2/api-docs],methods=[GET],produces=[application/json || application/hal+json]}" onto public org.springframework.http.ResponseEntity<springfox.documentation.spring.web.json.Json> springfox.documentation.swagger2.web.Swagger2Controller.getDocumentation(java.lang.String,javax.servlet.http.HttpServletRequest)
2017-05-10 15:07:15.146 INFO 22472 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/swagger-resources/configuration/ui]}" onto org.springframework.http.ResponseEntity<springfox.documentation.swagger.web.UiConfiguration> springfox.documentation.swagger.web.ApiResourceController.uiConfiguration()
2017-05-10 15:07:15.147 INFO 22472 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/swagger-resources/configuration/security]}" onto org.springframework.http.ResponseEntity<springfox.documentation.swagger.web.SecurityConfiguration> springfox.documentation.swagger.web.ApiResourceController.securityConfiguration()
2017-05-10 15:07:15.148 INFO 22472 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/swagger-resources]}" onto org.springframework.http.ResponseEntity<java.util.List<springfox.documentation.swagger.web.SwaggerResource>> springfox.documentation.swagger.web.ApiResourceController.swaggerResources()
它不起作用。它甚至没有过滤掉这个URI。你能把你的spring安全配置类放在这里吗?它可能在那里。另外,你能尝试卷曲那些招摇过市的端点吗?如果它给403它的安全性。我添加了安全配置它可能会有帮助-看:为什么你有这样的AntMatcher/**/v2/api docs/**?SpringFox没有向swagger端点添加任何前缀。尝试查看所有端点的spring日志,检查swagger端点名称,并将其与之匹配。@HenriqueMartins,“反对”是什么意思?我尝试了不同的匹配方式,但根本不起作用。我的另一个swagger端点功能良好:我收到正常的JSON
@Configuration
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/v2/api-docs", "/configuration/ui", "/swagger-resources", "/configuration/security", "/swagger-ui.html");
}
}