Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Disable security for one operation

See original GitHub issue

Hi, I have a @OpenAPIDefinition with security defined for the whole app, but I want to override and disable security for one method, how can I do that? Using @Operation(security = {}) on the method doesn’t seem to work. Expected output in yaml is security: [] for that one operation.

Thanks

Issue Analytics

State:
Created 4 years ago
Reactions:1
Comments:7 (2 by maintainers)

Top GitHub Comments

3reactions

maforcommented, Dec 30, 2019

Hi,

I came across this issue recently. I found a workaround using OpenApiCustomiser, but I would prefer a proper solution. I think it is doable without changes to the swagger-core annotations (not with the Operation annotation, but with an ‘empty’ SecurityRequirements). It would look like this:

@RestController
public class AuthenticationController {

    @PostMapping(value = "/login", consumes = MediaType.APPLICATION_JSON_VALUE)
    @SecurityRequirements(value = {}) // <- or without 'value', added for clarity
    public JwtAuthenticationResponse createAuthenticationToken(
        @RequestBody JwtAuthenticationRequest authenticationRequest) {
   }
}

It doesn’t work out of the box, there are some changes needed in the SecurityParser Would you mind if I sent you a PR?

1reaction

bnasslahsencommented, Jan 30, 2020

Yeah @mafor, i wasn’t sure about your feedback. Anyway, the important is that its now shared with the community.

Top Results From Across the Web

Swagger: disabling security on one particular path

Is there some way I can disable security on just ONE particular Path or Method? rest · swagger · Share.

How to disable WebSphere Global Security for one ... - IBM

Go to "Application Servers" · Select the appropriate server · Select "Server security" · Select "Server level security" · Uncheck the "Enable global ......

Disabling and enabling individual controls - AWS Security Hub

From the Security Hub console, you can disable controls from the control list on the standard details page or from the control details...

Disable Security in IBM WebSphere Application Server

You forget the credential · Someone changed the password · Messed up the SSL/Security configuration or security.xml.

Disable Security System - Armored Core Wiki - Fandom

Disable Security System is a mission in Armored Core 3. Requester: Union Advance: 0 Upon success: 51000 Operation Area: Crest's Data Storage Facility...