Spring 禁用 Swagger-ui 进行生产 [英] Spring Disable Swagger-ui for production

问题描述

我知道如何为生产禁用 swagger - 我只需要在配置类中添加注释 @Profile("!prod") :

I know how to disable swagger for production - i only need to add annotation @Profile("!prod") in configuration class:

@Configuration
@EnableSwagger2
@RequiredArgsConstructor
@Profile("!prod")
public class SwaggerConfig {

添加注解的结果但结果是，swagger-ui.html 在浏览器中仍然可用，只是它是空的.我想知道是否有完全禁用它的解决方案，因此页面不会加载?

result of adding annotation But the result is, that the swagger-ui.html still is available in browser, only its empty. I wonder is there solution to disable it fully, so the page will not load?

推荐答案

这可以通过 spring-security 通过阻止生产环境的 url 来简单地完成.请尝试:

this could be simply done with spring-security by blocking the url for the production environment. Please try :

向 pom.xml 添加依赖项(如果您使用的是 spring-boot):

Add dependency (if you are using spring-boot) to pom.xml :

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

添加配置文件:

@Configuration
@Profile("prod")
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .antMatchers("/**/swagger-ui.html").denyAll();
    }
}

它会发送 403 禁止状态.

It will send 403 forbidden status.

这篇关于Spring 禁用 Swagger-ui 进行生产的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！