[英]How do you turn off swagger-ui in production
I have swagger plugged in to my spring boot application.我已经大摇大摆地插入了我的 Spring Boot 应用程序。 Spring boot allows you to have property files for each environment that you have.
Spring boot 允许您拥有每个环境的属性文件。 Is there a way to disable swagger for a production environment?
有没有办法在生产环境中禁用招摇?
Put your swagger configuration into separate configuration class and annotate it with @Profile
annotation -> so that it will be scanned into Spring context only in certain profiles.将您的 swagger 配置放入单独的配置类中,并使用
@Profile
注释对其进行注释 -> 以便仅在某些配置文件中将其扫描到 Spring 上下文中。
Example:例子:
@Configuration
@EnableSwagger2
@Profile("dev")
public class SwaggerConfig {
// your swagger configuration
}
You can than define profile your Spring Boot app is operating in via command line: --spring.profiles.active=dev
or via config file: spring.profiles.active=dev
.您可以通过命令行定义您的 Spring Boot 应用程序正在运行的配置文件: --spring.profiles.active
--spring.profiles.active=dev
或通过配置文件: spring.profiles.active=dev
。
Read this section of Spring Boot docs for more info about @Profile
阅读 Spring Boot 文档的这一部分以获取有关
@Profile
的更多信息
If you are working on multiple environments then you can also use @Profile as array如果您在多个环境中工作,那么您还可以使用@Profile作为数组
@Configuration
@EnableSwagger2
@Profile({"dev","qa"})
public class SwaggerConfig {
// your swagger configuration
}
with swagger 3.0.0 version you can add springfox.documentation.enabled=false
in corresponding environment profile application.properties
file.使用 swagger 3.0.0 版本,您可以在相应的环境配置文件
application.properties
文件中添加springfox.documentation.enabled=false
。 For example, I have added this to application-prod.properties
to disable in production (while running the app you must specify the profile using VM args like -Dspring.profiles.active=prod
)例如,我已将此添加到
application-prod.properties
以在生产中禁用(在运行应用程序时,您必须使用 VM args 指定配置文件,例如-Dspring.profiles.active=prod
)
This is my configuration class:这是我的配置类:
@Configuration
@Profile("swagger")
@EnableSwagger2
public class SwaggerConfig {
@Value("${info.build.version}")
private String buildVersion;
@Bean
public Docket documentation() {
return new Docket(DocumentationType.SWAGGER_2)
.select()
.apis(RequestHandlerSelectors.any())
.paths(regex("/rest/.*"))
.build()
.pathMapping("/")
.apiInfo(metadata());
}
private ApiInfo metadata() {
return new ApiInfoBuilder()
.title("API documentation of our App")
.description("Use this documentation as a reference how to interact with app's API")
.version(buildVersion)
.contact(new Contact("Dev-Team", "https://dev-website", "dev@mailbox"))
.build();
}
}
Wherever I need Swagger, I add the profile swagger
to the environment variable SPRING_PROFILES_ACTIVE
无论我在哪里需要 Swagger,我都会将配置文件
swagger
添加到环境变量SPRING_PROFILES_ACTIVE
In addition to the answers configuring Spring using a profile , consider having rules on your reverse HTTP proxy to block access to the Swagger end points from outside the LAN.除了使用配置文件配置 Spring 的答案之外,请考虑在反向 HTTP 代理上设置规则以阻止从 LAN 外部访问 Swagger 端点。 That would give you some defence in depth against attacks on the Swagger end points.
这将为您提供一些针对 Swagger 端点攻击的深度防御。
For those that use code gen (which generates Swagger2SpringBoot):对于那些使用代码生成(生成 Swagger2SpringBoot)的人:
Done.完毕。
have configuration for env有环境配置
@Configuration @配置
@EnableSwagger2 @EnableSwagger2
@Profile("devone") @Profile("devone")
application.yaml应用程序.yaml
profiles: active: ${MY_ENV:devone}
MY_ENV you will read from file, like .env MY_ENV 您将从文件中读取,例如 .env
.env file content: MY_ENV=prod .env 文件内容:MY_ENV=prod
In the production keep other .env file only for production credentials.在生产中保留其他 .env 文件仅用于生产凭据。
An old question, but if you are using SpringDoc v1.2.12+:一个老问题,但如果您使用的是 SpringDoc v1.2.12+:
springdoc.swagger-ui.enabled=false
springdoc.api-docs.enabled=false
From: https://github.com/springdoc/springdoc-openapi/issues/191#issuecomment-558809236来自: https ://github.com/springdoc/springdoc-openapi/issues/191#issuecomment-558809236
spring.profiles.active=production with @Profile("!production") worked for me to turn off swagger in prod. spring.profiles.active=production with @Profile("!production")为我关闭了产品中的招摇。
Ex :-前任 :-
@Profile("!production")
@Component
@EnableSwagger2
public class SwaggerConfig {
//TODO
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.