diff --git a/README.md b/README.md index f41d0d0a..a1b5f52d 100644 --- a/README.md +++ b/README.md @@ -132,7 +132,7 @@ Also try for example 'admin@xxx.example.com' or 'unknown@example.org'. If you want a formatted JSON output, you can pipe the result to `jq` or similar. -And to see the full, currently implemented, API, open http://localhost:8081/actuator/swagger-ui/index.html (uses management-port and thus bypasses authentication). +And to see the full, currently implemented, API, open http://localhost:8080/swagger-ui/index.html (on same port as the API to avoid CORS problems). If you still need to install some of these tools, find some hints in the next chapters. diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 60fd285e..28da0a0a 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -17,7 +17,7 @@ management: # HOWTO: view the effective application configuration properties: # http://localhost:8081/actuator/configprops - include: info, health, metrics, metric-links, mappings, openapi, swaggerui, configprops, env + include: info, health, metrics, metric-links, mappings, openapi, configprops, env endpoint: env: # TODO.spec: check this, maybe set to when_authorized? @@ -37,6 +37,10 @@ spring: url: ${HSADMINNG_POSTGRES_JDBC_URL} username: postgres + data: + rest: + detection-strategy: annotated + sql: init: mode: never @@ -51,7 +55,8 @@ spring: # keep this in sync with test/.../application.yml springdoc: - use-management-port: true + # SwaggerUI must run on the same port as the API itself, otherwise CORS will block accessing the API + use-management-port: false hsadminng: postgres: diff --git a/src/test/java/net/hostsharing/hsadminng/config/WebSecurityConfigIntegrationTest.java b/src/test/java/net/hostsharing/hsadminng/config/WebSecurityConfigIntegrationTest.java index 3a612b35..063527cd 100644 --- a/src/test/java/net/hostsharing/hsadminng/config/WebSecurityConfigIntegrationTest.java +++ b/src/test/java/net/hostsharing/hsadminng/config/WebSecurityConfigIntegrationTest.java @@ -84,14 +84,14 @@ class WebSecurityConfigIntegrationTest { @Test public void shouldSupportSwaggerUi() { final var result = this.restTemplate.getForEntity( - "http://localhost:" + this.managementPort + "/actuator/swagger-ui/index.html", String.class); + "http://localhost:" + this.managementPort + "/swagger-ui/index.html", String.class); assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK); } @Test public void shouldSupportApiDocs() { final var result = this.restTemplate.getForEntity( - "http://localhost:" + this.managementPort + "/actuator/v3/api-docs/swagger-config", String.class); + "http://localhost:" + this.managementPort + "/v3/api-docs/swagger-config", String.class); assertThat(result.getStatusCode()).isEqualTo(HttpStatus.NOT_FOUND); // permitted but not configured } @@ -109,5 +109,4 @@ class WebSecurityConfigIntegrationTest { "http://localhost:" + this.managementPort + "/actuator/metrics", Map.class); assertThat(result.getStatusCode()).isEqualTo(HttpStatus.OK); } - } diff --git a/src/test/resources/application.yml b/src/test/resources/application.yml index 344828e7..abf049a6 100644 --- a/src/test/resources/application.yml +++ b/src/test/resources/application.yml @@ -41,7 +41,9 @@ spring: # keep this in sync with main/.../application.yml springdoc: - use-management-port: true + # SwaggerUI must run on the same port as the API itself, otherwise CORS will block accessing the API + use-management-port: false + logging: level: