我有一个简单的带有 REST API 的 Spring 启动应用程序,我需要使用 Spring 安全性保护 Swagger-UI.html
我已经尝试Docket api设置:
return new Docket(DocumentationType.SWAGGER_2)
.securitySchemes(auth)
.securityContexts(securityContexts)
.select()
.apis(RequestHandlerSelectors.basePackage("com.my.package.directory"))
.paths(PathSelectors.any())
.build()
.apiInfo(getApiInfo());
和我的弹簧安全配置:
@Override
protected void configure(HttpSecurity http) throws Exception
{
http
.csrf().disable()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.httpBasic();
}
它甚至不需要任何身份验证我做错了什么?
试试这个
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login-page-url")
.permitAll()
.and()
.logout()
.permitAll();
}
@Bean
@Override
public UserDetailsService userDetailsService() {
UserDetails user =
User.withDefaultPasswordEncoder()
.username("username-here")
.password("password-here")
.roles("USER")
.build();
return new InMemoryUserDetailsManager(user);
}
}