“访问此资源需要完全身份验证”未授权 - 弹簧安全示例中的401错误

时间:2017-12-21 14:55:12

标签: java spring spring-boot spring-security

我启用了Websecurity,但我启用了anyRequest()和permitAll()方法仍然在邮递员中收到此错误。下面是我在配置中的代码。

@EnableWebSecurity
@Configuration
public class SecurityConfifguration extends WebSecurityConfigurerAdapter {

    @Override
    public void configure(HttpSecurity httpSecurity) throws Exception {

            httpSecurity.authorizeRequests()
                        .anyRequest()
                        .permitAll()
                        .and().httpBasic().disable();

            httpSecurity.csrf().disable();              

    }
}
以下

是控制器代码 

@RestController
@RequestMapping("/rest/hello")
public class HelloResource {
     @GetMapping
     public String hello() {
         return "Hello World";
     }
}

申请类 

@ComponentScan
@SpringBootApplication
public class SpringSecurityExampleApplication {

    public static void main(String[] args) {
        SpringApplication.run(SpringSecurityExampleApplication.class, args);
    }
}

邮差错误 

{
    "timestamp": 1513867805556,
    "status": 401,
    "error": "Unauthorized",
    "message": "Full authentication is required to access this resource",
    "path": "/rest/hello"
}

推荐但是提示帮助 

httpSecurity
      .anonymous() //allow anonymous access
      .and()
         .authorizeRequests()
            .antMatchers("**/rest/**").permitAll();

我希望它能回复“Hello World”。

第二次推荐,但没有帮助 

        httpSecurity
         //some configuration
//            .and()
              .anonymous() //allow anonymous access
              .and()
                 .authorizeRequests()
                    .antMatchers("/rest/**").permitAll();

1 个答案:

答案 0 :(得分:-1)

配置文件和资源不在同一个包中,所以我收到错误。现在它将它们移动到它开始工作的主包下。enter image description here

相关问题
最新问题