6

I am going to use springfox (2.6.1v) with swagger-ui in my Spring Boot (1.4.2v).

The configuration for it looks:

@Configuration
@EnableSwagger2
public class SwaggerConfig {

  @Bean
  public Docket api() {
    return new Docket(DocumentationType.SWAGGER_2)
               .select()
               .apis(RequestHandlerSelectors.any())
               .paths(PathSelectors.any())
               .build()
               .genericModelSubstitutes(ResponseEntity.class);
  }
}

The problem is that my swagger is behind spring security and I need to allow access there only by admin.

Question is what should be the set of matchers to allow swagger-ui to work within my application?

public class SecurityConfig extends WebSecurityConfigurerAdapter {

  @Override
  protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
        .antMatchers("??? <<<what_should_be_here>>> ???") // what should be here?
        .hasRole("TENANT_ADMIN");
  }
}
Ziemowit Stolarczyk
  • 1,014
  • 2
  • 11
  • 26

1 Answers1

2

Ok first I have found the solution here so following lines:

.antMatchers("/admin/system/state/*", "/v2/api-docs", "/configuration/ui", "/swagger-resources", "/configuration/security", "/swagger-ui.html", "/webjars/**")

But still sth did not work and because of that I have asked this question. But after deeper investigation it occured that spring-fox does not support GSON. When you use GSON as "to json" converter swagger-ui receives a slightly different JSON format what causes problems...

When we changed converter to Jackson and added above paths to spring-config it works without any problems.

I have even requested the new feature on spring-fox github here.

Community
  • 1
  • 1
Ziemowit Stolarczyk
  • 1,014
  • 2
  • 11
  • 26