Authorization header not sent using "try it out", with SecuritySchemes Basic

Q&A (please complete the following information)

• OS: Ubuntu 18.10
• Browser: Firefox 60.5.1
• swagger-ui-3.24.0
• Swagger/OpenAPI version: OpenAPI 3.0.1 Using Swagger-ui through org.webjars.swagger-ui:3.24.0 fork that is used by gradle-swagger-generator-plugin:2.15.1

Content & configuration

openapi: 3.0.1
info:
  title: xxx
  description: yyy
  contact:
    email: a@b.com.br
  version: "1.0"
externalDocs:
  description: Something
  url: https://someurl.com.br
servers:
- url: http://dsv:7422/
  description: DSV
  variables: {}
- url: http://qld:7422/
  description: QLD
  variables: {}
- url: http://hmg:7422/
  description: HMG
  variables: {}
tags:
- name: Bloco
paths:
  /blocks/query:
    get:
      tags:
      - Bloco
      summary: Something
      description: SomeDescription
      operationId: getBlocks
      parameters:
      - name: anpBlockType
        in: query
        description: queryparamDescription
        schema:
          type: string
      responses:
        "200":
          description: Sucess!
      security:
      - myLdapAuth: []
components:
  securitySchemes:
    myLdapAuth:
      type: http
      scheme: basic

Screenshots

How can we help?

The swagger page shows this curl command for the operation “query”: curl -X GET “http://dsv:7422/blocks/query?anpBlockType=prod” -H “accept: application/json” -H “Authorization: Basic <XxxXX>”

Bu when it sends the request it sends with no Authorization header:

Host: dsv:7422 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Access-Control-Request-Method: GET Access-Control-Request-Headers: authorization Origin: http://dsv:7422 Connection: keep-alive

I’m generating the openapi.yaml with java annotations.

Do you know what is wrong?