在SpringBoot集成Swagger2时,使用shiro做安全拦截时,主要碰到以下几个问题
1.shiro拦截请求时,会把swagger2拦截
2.拦截放开swagger时,也会拦截对应的css、js文件等
经过几次测试在shiroConfig文件中加入一下几个配置就可以了
@Bean
public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
//拦截器.
Map<String,String> filterChainDefinitionMap = new LinkedHashMap<String,String>();
// 配置不会被拦截的链接 顺序判断
//配置退出 过滤器,其中的具体的退出代码Shiro已经替我们实现了
filterChainDefinitionMap.put("/login", "anon");
filterChainDefinitionMap.put("/swagger-ui.html","anon");
filterChainDefinitionMap.put("/static/**", "anon");
filterChainDefinitionMap.put("/swagger/**","anon");
filterChainDefinitionMap.put("/webjars/**", "anon");
filterChainDefinitionMap.put("/swagger-resources/**","anon");
filterChainDefinitionMap.put("/v2/**","anon");
filterChainDefinitionMap.put("/**", "authc");
shiroFilterFactoryBean.setLoginUrl("/index");
shiroFilterFactoryBean.setUnauthorizedUrl("/");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
如果只是出现了头部文件检查swagger的配置文件是否正确,扫描的包位置
@Bean
public Docket createRestApi() {
return new Docket(DocumentationType.SWAGGER_2)
.apiInfo(apiInfo())
.select()
.apis(RequestHandlerSelectors.basePackage("com.infoearth.system.controller"))
.paths(PathSelectors.any())
.build();
}
还有在main
启动类上加
入
@EnableSwagger2
注解