Spring security5 集成swagger2 無法訪問的問題。

主要還是spring security把 swagger需要訪問的URL被攔截，不只是swagger-ui.html這個URL

查找網上的解決方案沒一個好用的，然後自己在跳轉重定向的方法裏打印了引發跳轉的URL，一個一個試出來的老鐵。累屁了。

話不多說，放圖，配置security配置類即可

成功：

完整配置類代碼：

package com.lw.bpczy.security.config;


import com.lw.bpczy.security.authentication.MyAuthenticationFailureHandler;
import com.lw.bpczy.security.authentication.MyAuthenticationSuccessHandler;
import com.lw.bpczy.security.authorization.MyAccessDeniedHandler;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.cors.CorsUtils;


/**
* @author: Liang Shan
* @date: 2019-11-12 10:25
* @description: security安全配置
* WebSecurityConfigurerAdapter提供簡潔的方式來創建webSecurityConfigurer
*/
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {


    @Autowired
    private MyAuthenticationSuccessHandler successHandler;
    @Autowired
    private MyAuthenticationFailureHandler failureHandler;
    @Autowired
    private MyAccessDeniedHandler accessDeniedHandler;
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
    /*配置安全項*/
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin()
                .loginPage("/needLogin")
                .loginProcessingUrl("/login").permitAll()
                .successHandler(successHandler)
                .failureHandler(failureHandler)
                .and()
                .authorizeRequests()
                // 授權不需要登錄權限的URL
                .antMatchers("/needLogin",
                             "/swagger*//**",
                             "/v2/api-docs",
                             "/webjars*//**").permitAll()
                .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
                .anyRequest().access("@rbacService.hasPermission(request,authentication)").
                and().exceptionHandling().accessDeniedHandler(accessDeniedHandler).
                and().cors().and().csrf().disable()
        ;
    }
}