[英]how to secure swagger-ui with basic auth using spring security
我有一个简单的弹簧启动应用程序与休息api,我需要使用弹簧安全保护swagger-ui.html与基本身份验证
我已经尝试在Docket api
设置:
return new Docket(DocumentationType.SWAGGER_2)
.securitySchemes(auth)
.securityContexts(securityContexts)
.select()
.apis(RequestHandlerSelectors.basePackage("com.my.package.directory"))
.paths(PathSelectors.any())
.build()
.apiInfo(getApiInfo());
和我的春季安全配置:
@Override
protected void configure(HttpSecurity http) throws Exception
{
http
.csrf().disable()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic();
}
它甚至不需要任何auth我做错了什么?
尝试这个
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login-page-url")
.permitAll()
.and()
.logout()
.permitAll();
}
@Bean
@Override
public UserDetailsService userDetailsService() {
UserDetails user =
User.withDefaultPasswordEncoder()
.username("username-here")
.password("password-here")
.roles("USER")
.build();
return new InMemoryUserDetailsManager(user);
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.