Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Basic Auth asked on all endpoints when adding GraphiQL or Altair dependencies
See original GitHub issueI need to add a GraphQL endpoint to a Spring Boot application with an existing REST API that uses @RestController and such.
When I add any of the GraphQL tool as a dependency, such as altair-spring-boot-starter or graphiql-spring-boot-starter for example, and run the server, I am suddendly asked to provide a Basic Auth on all endpoints even though the base application does not require one.
diff of pom.xml
+ <dependency>
+ <!-- GraphQL starter (adds core and servlet) -->
+ <groupId>com.graphql-java-kickstart</groupId>
+ <artifactId>graphql-spring-boot-starter</artifactId>
+ <version>7.0.0</version>
+ </dependency>
+ <dependency>
+ <!-- GraphQL Tool -->
+ <groupId>com.graphql-java-kickstart</groupId>
+ <artifactId>graphql-java-tools</artifactId>
+ <version>6.0.0</version>
+ </dependency>
+ <dependency>
+ <!-- GraphiQL interactive tool -->
+ <groupId>com.graphql-java-kickstart</groupId>
+ <artifactId>graphiql-spring-boot-starter</artifactId>
+ <version>7.0.0</version>
+ <scope>runtime</scope>
+ </dependency>
Two questions then:
- how should I embed the Altair/GraphiQL tools to my existing REST API ?
- how can I solve the suddenly appearing Basic Auth ?
Thanks
Issue Analytics
- State:
- Created 3 years ago
- Comments:5 (2 by maintainers)
Top Results From Across the Web
Authentication and authorization - Apollo GraphQL Docs
Before we can correctly control access to data, we have to authenticate a user. There are many patterns for providing authentication credentials, including...
Read more >Quick Start Guide - GraphQL ASP.NET
This guide will help you get a GraphQL project up and running so you can start experimenting. We'll cover the following:
Read more >GraphQL Code Libraries, Tools and Services
A query language for your API — GraphQL provides a complete description of the data in your API, gives clients the power to...
Read more >Everything you need to know about GraphQL Authentication ...
js file will contain our GraphQL endpoint resolvers, the schema.js will contain our GraphQL schema. In this app, we will query: for a...
Read more >Get Started: Discover the API - Liferay Help Center
There are several ways of authenticating in GraphQL APIs (explained here) but the simplest way to test APIs locally is to use Basic...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Many thanks for the quick reply and clear indications, I will investigate with that in mind.
It doesn’t add any specific rules for security. It relies on your existing spring security configuration to take care of that. If you use Spring Security you probably have a
WebSecurityConfigurerAdaptersomewhere to finetune the security settings for your app. You should add/graphiqland possibly/graphlto it to exclude it from those security settings. If you don’t the default kicks in and everything is secure.