在Linux上利用Swagger进行API文档的权限管理,通常涉及以下几个步骤:
首先,确保你的Spring Boot项目已正确集成Spring Security。这通常需要在pom.xml文件中添加必要的依赖。
Maven依赖示例:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
<version>2.9.2</version>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger-ui</artifactId>
<version>2.9.2</version>
</dependency>
创建一个Spring Security配置类(例如SecurityConfig),继承WebSecurityConfigurerAdapter,并重写configure(HttpSecurity http)方法。在这个方法中,定义访问控制规则,指定哪些URL需要身份验证,哪些不需要,以及采用何种认证机制(例如,Basic Auth, JWT, OAuth 2.0)。
示例代码:
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/swagger-ui.html", "/webjars/**", "/swagger-resources/**", "/v2/api-docs").authenticated()
.anyRequest().permitAll()
.and()
.formLogin()
.and()
.httpBasic();
}
@Bean
@Override
public UserDetailsService userDetailsService() {
UserDetails user = User.withDefaultPasswordEncoder()
.username("user")
.password("password")
.roles("USER")
.build();
return new InMemoryUserDetailsManager(user);
}
}
创建一个Swagger配置类(例如SwaggerConfig),使用@Configuration注解。在这个类中,配置Docket bean,设置API信息、扫描的包路径等。
示例代码:
@Configuration
@EnableSwagger2
public class SwaggerConfig {
@Bean
public Docket api() {
return new Docket(DocumentationType.SWAGGER_2)
.select()
.apis(RequestHandlerSelectors.basePackage("com.example.demo.controller")) // 替换成你的controller包路径
.paths(PathSelectors.any())
.build()
.securitySchemes(Arrays.asList(basicAuth()))
.securityContexts(Arrays.asList(securityContext()));
}
private SecurityScheme basicAuth() {
return new ApiKey("Basic Auth", "Authorization", "header");
}
private SecurityContext securityContext() {
return SecurityContext.builder()
.securityReferences(defaultAuth())
.forPaths(PathSelectors.any())
.build();
}
private List<SecurityReference> defaultAuth() {
AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
authorizationScopes[0] = authorizationScope;
return Arrays.asList(new SecurityReference("Basic Auth", authorizationScopes));
}
}
为了使Swagger UI也受到Spring Security的保护,需要自定义SecurityScheme并将其添加到Swagger配置中。这通常涉及创建SecurityScheme和SecurityContext bean,并将它们添加到Docket bean的配置中。
示例代码:
private SecurityScheme basicAuth() {
return new ApiKey("Basic Auth", "Authorization", "header");
}
private SecurityContext securityContext() {
return SecurityContext.builder()
.securityReferences(defaultAuth())
.forPaths(PathSelectors.any())
.build();
}
确保你的Spring Boot应用程序已经配置好并运行在Linux服务器上。你可以使用以下命令来启动应用程序:
java -jar your-application.jar
打开浏览器并访问 http://your-server-address:port/swagger-ui.html。你应该会看到Swagger UI界面,并且需要输入用户名和密码才能访问。
通过以上步骤,你可以在Linux上配置Swagger的权限控制,确保只有经过身份验证的用户才能访问API文档。