用spring资源访问安全资源

kq0g1dla  于 2021-07-09  发布在  Java
关注(0)|答案(1)|浏览(245)

我正在尝试将Spring Security 集成到我的应用程序中,由于某种原因(我不知道),每次请求都会出现403错误。我确信这和春安有关。下面是我的代码片段,以获取更多详细信息。
这是我第一次尝试将Spring Security 集成到我的应用程序中,这样我可能会遗漏一些东西。
我的网络安全课上有这个

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

@Autowired
private UserService userService;

@Autowired
private PasswordEncoder passwordEncoder;

@Autowired
private JwtTokenProvider jwtTokenProvider;

@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
}

@Bean
public PasswordEncoder passwordEncoder(){
    return new BCryptPasswordEncoder();
}

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .httpBasic().disable()
            .csrf().disable()
            .cors().disable()
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .authorizeRequests()
            .antMatchers( HttpMethod.POST, "/auth/**").permitAll()
            .anyRequest().authenticated()
            .and()
            .apply(new JwtConfigurer(jwtTokenProvider));
}

@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(userService).passwordEncoder(passwordEncoder());
}

我的控制器里有这个

@RestController
@RequestMapping("/auth")
public class LoginController {
@Autowired
private UserService userService;

@RequestMapping(value = "/register", method = RequestMethod.POST, produces = "application/json", consumes = "application/json")
@ResponseBody
public Response<UserDto> register(@RequestBody Request<UserDto> request){
    MessengerUser user = userService.saveUser(request.getData());
    return new Response<>(new ModelMapper().map(user, UserDto.class));
}

@RequestMapping(value = "/sign-in", method = RequestMethod.POST, produces = "application/json", consumes = "application/json")
@ResponseBody
public Response<LoginDto> signin(@RequestBody Request<UserDto> request) {
    LoginDto loginDto = userService.authenticateUser(request.getData());
    return new Response<>(loginDto);
   }
}

我的请求是{“data”:{“username”:“username”,“password”:“password”}}
我怀疑这与我的配置有关,但我不确定还能尝试什么。

mctunoxg

mctunoxg1#

事实证明,这是我的错误。我的请求类型不对,我犯了个愚蠢的错误。
一切正常,但请求类型是 GET 而不是 POST

相关问题