Springfox swagger-ui.html unable to infer base URL - Caused by missing cookies
Add in the security config -- following URLS that are skipped for authentication ::
private static final String[] AUTH_WHITELIST = { "/swagger-resources/**", "/swagger-ui.html", "/v2/api-docs", "/webjars/**"};@Overridepublic void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers(AUTH_WHITELIST);}
Adding below annotation at the spring boot class resolved this issue for me.
@EnableSwagger2
I am using swagger version
<version>2.9.2</version>
SEE EDIT BELOW
Do you use spring security?
If yes, probably you skip some resources like this (right?):"/swagger-resources/**","/swagger-ui.html","/v2/api-docs","/webjars/**"
Try to change it "/swagger-resources/**"
to "**/swagger-resources/**"
.
My specific security config for swagger is:
private static final String[] AUTH_LIST = { // -- swagger ui "**/swagger-resources/**", "/swagger-ui.html", "/v2/api-docs", "/webjars/**"};@Overrideprotected void configure(HttpSecurity http) throws Exception { http .authorizeRequests().antMatchers(AUTH_LIST).authenticated() .and() .httpBasic().authenticationEntryPoint(swaggerAuthenticationEntryPoint()) .and() .csrf().disable();}@Beanpublic BasicAuthenticationEntryPoint swaggerAuthenticationEntryPoint() { BasicAuthenticationEntryPoint entryPoint = new BasicAuthenticationEntryPoint(); entryPoint.setRealmName("Swagger Realm"); return entryPoint;}
If you need/want I can send a sample project to GitHub to you know more about my security/swagger configs.
EDIT 2018/04/10
This problem is caused by a wrong version in springfox. See this issue on github to solve the problem.
To posterity:
In pom.xml
...<repositories> <repository> <id>swagger</id> <name>swagger</name> <url>http://oss.jfrog.org/artifactory/oss-snapshot-local</url> </repository></repositories>...<dependency> <groupId>io.springfox</groupId> <artifactId>springfox-swagger2</artifactId> <version>2.8.1-SNAPSHOT</version></dependency><dependency> <groupId>io.springfox</groupId> <artifactId>springfox-swagger-ui</artifactId> <version>2.8.1-SNAPSHOT</version></dependency>...
Class that extends WebSecurityConfigAdapter:
@Configurationpublic class WebSecurityConfigEntryPointApplication extends WebSecurityConfigurerAdapter { private static final List<String> AUTH_LIST = Arrays.asList( "/swagger-resources/**", "/swagger-ui.html**", "/webjars/**", "favicon.ico"); @Autowired private RestAuthenticationEntryPoint restAuthenticationEntryPoint; @Override protected void configure(HttpSecurity http) throws Exception { http .antMatcher("/**").authorizeRequests().anyRequest().authenticated() .and() .exceptionHandling() .defaultAuthenticationEntryPointFor(swaggerAuthenticationEntryPoint(), new CustomRequestMatcher(AUTH_LIST)) .and() .httpBasic() .authenticationEntryPoint(restAuthenticationEntryPoint) .and() .csrf().disable(); } @Bean public BasicAuthenticationEntryPoint swaggerAuthenticationEntryPoint() { BasicAuthenticationEntryPoint entryPoint = new BasicAuthenticationEntryPoint(); entryPoint.setRealmName("Swagger Realm"); return entryPoint; } private class CustomRequestMatcher implements RequestMatcher { private List<AntPathRequestMatcher> matchers; private CustomRequestMatcher(List<String> matchers) { this.matchers = matchers.stream().map(AntPathRequestMatcher::new).collect(Collectors.toList()); } @Override public boolean matches(HttpServletRequest request) { return matchers.stream().anyMatch(a -> a.matches(request)); } }}
RestAuthenticationEntryPoint:
@Componentpublic class RestAuthenticationEntryPoint implements AuthenticationEntryPoint { @Override public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException { response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized"); }}