Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

'/csrf' 401 and '/' 404 when loading swagger-ui.html

See original GitHub issue

What version of the library are you using? It is the latest version.

What kind of issue is this?

Support needed. @dilipkrish

Additional details:

Browser: Google Chrome
IDE: IntelliJ IDEA: Ultimate 2019.2
Java: 1.8
Spring Boot: Latest - 2.2.1
Spring Boot Stater Security: Latest - 2.2.1
Spring Security Test: Latest - 5.2.1

When I try to load http://localhost:server.port/swagger-ui.html page loads but with inspect I see this two bad requests: WhatsApp Image 2019-11-26 at 20 33 05

On server side it throws an exception: org.springframework.security.access.AccessDeniedException: Access is denied.

I tried with debug mode and it looks like the problem is in: JwtAuthenticationFilter -> doFilterInternal(...) -> filterChain.doFilter(request, response);. Also bearerToken is null.

I tried to follow this tutorial: Part1 and Part2 and add Swagger to the project.

I am not sure if this is a normal behavior. I also checked some similar issues on this channel also on stackoverflow like this with no result.

Issue Analytics

State:
Created 4 years ago
Reactions:3
Comments:5 (1 by maintainers)

Top GitHub Comments

3reactions

rsteaburdeacommented, Nov 27, 2019

In #2639 I found a comment of @matthewh86 where he bypassed server side errors by adding .antMatchers("/", "/csrf").permitAll() to HttpSecurity http but how he said if feels like

hacky

Also I still have this two errors in browser:

csrf is disabled for http and I have an AuthWhiteList for

// -- swagger ui
"/swagger-resources/**",
"/swagger-ui.html",
"/v2/api-docs",
"/webjars/**",
"/configuration/ui",
"/configuration/security"

0reactions

dilipkrishcommented, Jul 8, 2020

For everyones benefit, outside of the permit all fix for the 401 error, the reason we see the 404 is that the /csrf endpoint doesn’t exit. The only reason for its existence is to return a cookie based csrf token that swagger ui uses.

Top Results From Across the Web

When loading the swagger-ui.html page, a request is made to ...

The reason Springfox Swagger attaches the CSRF token is, ... I disabled WebSecurity until yet and also get the 404 Error Code for...

springdoc-openapi v2.0.0

Automatically generates documentation in JSON/YAML and HTML format APIs. This documentation can be completed by comments using swagger-api ...

[Solved]-401 unauthorized page for swagger?-Springboot

antMatchers("/swagger-ui.html") ofc annotate that class with @Configuration ... but my swagger UI home page was blank as there was 401 issue in loading...

[Spring] Swagger-ui.html 404 not found error 시 대처방법!

안녕하세요. Spring framework에서 Swagger-ui 라이브러리를 사용하던 중, 어느순간부터 swagger-ui.html이 안들어가지더군요.

Fix list for IBM Business Automation Workflow

JR64965, OPENING A PROCESS DIAGRAM IN IBM PROCESS PORTAL SHOWS "THE CONTROL CANNOT BE ... CHARACTERS IN THE SERVER URL RESULTS IN HTTP...