We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
使用扩展功能开启认证时
knife4j: # 开启增强配置 enable: true # 开启生产环境屏蔽 production: false basic: enable: true # Basic认证用户名 username: admin # Basic认证密码 password: 123456
Knife4j-core-4.1.0.jar 包中 com.github.xiaoymin.knife4j.extend.filter.basic.ServletSecurityBasicAuthFilter 任意请求都会导致认证通过例如下图根路径,从而导致进入doc.html 不提示登录,建议修改 增加判断条件 this.match(url)
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest)servletRequest; HttpServletResponse response = (HttpServletResponse)servletResponse; String url = request.getRequestURI(); Object sessionObject = request.getSession().getAttribute("KNIFE4J_BASIC_AUTH_SESSION"); String auth = request.getHeader("Authorization"); if (this.tryCommonBasic(url, sessionObject, auth)) { if (this.match(url) && sessionObject == null) { request.getSession().setAttribute("KNIFE4J_BASIC_AUTH_SESSION", this.getUserName()); } chain.doFilter(servletRequest, servletResponse); } else { FilterUtils.writeForbiddenCode(response); } }
The text was updated successfully, but these errors were encountered:
感谢反馈,会在下个4.2.0版本进行修复
Sorry, something went wrong.
这个版本还没有发布 为什么关掉了。。。。
代码已经修复了,打上了4.2.0 的milestone的tag,会在近期发版的
嗯嗯 好的 感谢
No branches or pull requests
使用扩展功能开启认证时
Knife4j-core-4.1.0.jar 包中
com.github.xiaoymin.knife4j.extend.filter.basic.ServletSecurityBasicAuthFilter
任意请求都会导致认证通过例如下图根路径,从而导致进入doc.html 不提示登录,建议修改 增加判断条件 this.match(url)
The text was updated successfully, but these errors were encountered: