diff --git a/pom.xml b/pom.xml
index 6d96c87..07c27cc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -148,6 +148,14 @@
org.springframework.boot
spring-boot-starter-amqp
+
+
+
+ io.springfox
+ springfox-boot-starter
+ 3.0.0
+
+
diff --git a/src/main/java/com/palnet/biz/config/WebSecurityConfig.java b/src/main/java/com/palnet/biz/config/WebSecurityConfig.java
index 76b0244..4a306f9 100644
--- a/src/main/java/com/palnet/biz/config/WebSecurityConfig.java
+++ b/src/main/java/com/palnet/biz/config/WebSecurityConfig.java
@@ -35,7 +35,20 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private JwtRequestFilter jwtRequestFilter;
- private final String[] PERMITTED_URL = {"/api/acnt/**"};
+ private final String[] PERMITTED_URL = {
+ "/api/acnt/**",
+ /* swagger v2 */
+ "/v2/api-docs",
+ "/swagger-resources",
+ "/swagger-resources/**",
+ "/configuration/ui",
+ "/configuration/security",
+ "/swagger-ui.html",
+ "/webjars/**",
+ /* swagger v3 */
+ "/v3/api-docs/**",
+ "/swagger-ui/**"
+ };
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
@@ -64,6 +77,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
.authorizeRequests()
.antMatchers(HttpMethod.OPTIONS,"/api/**").permitAll()
.antMatchers(HttpMethod.GET,"/ping").permitAll()
+ .antMatchers("/swagger-ui/**").permitAll()
.antMatchers(PERMITTED_URL).permitAll()
// all other requests need to be authenticated
.anyRequest().authenticated().and()