HTTP状态405 - 不支持请求方法“POST”。春季安全

时间:2017-06-06 11:17:28

标签: spring-mvc login spring-security freemarker http-status-code-405

我有Spring MVC的Spring Security。当我尝试注册时,它不支持405'POST'。我在安全配置中禁用了csrf令牌。让我知道我哪里出错了?

我的登录页面:

<#-- @ftlvariable name="error" type="java.util.Optional<String>" -->
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Log in</title>
</head>
<body>
<nav role="navigation">
<ul>
    <li><a href="/">Home</a></li>
</ul>
</nav>

<h1>Log in</h1>

<p>You can use: demo@localhost / demo</p>

<form role="form" action="/login" method="post">
<div>
    <label for="email">Email address</label>
    <input type="email" name="email" id="email" required autofocus/>
</div>
<div>
    <label for="password">Password</label>
    <input type="password" name="password" id="password" required/>
</div>
<div>
    <label for="remember-me">Remember me</label>
    <input type="checkbox" name="remember-me" id="remember-me"/>
</div>
<button type="submit">Sign in</button>
</form>
</body>
</html>

授权由LoginController处理:

@Controller
public class LoginController {

@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView getLoginPage(@RequestParam Optional<String> error) {
    return new ModelAndView("login", "error", error);
}
}

这是我的Spring Security配置类:

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

@Autowired
private UserDetailsService userDetailsService;

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
            .antMatchers("/", "/public/**").permitAll()
            .antMatchers("/users/**").hasAuthority("ADMIN")
            .anyRequest().fullyAuthenticated()
            .and()
            .formLogin()
            .loginPage("/login")
            .failureUrl("/login?error")
            .usernameParameter("email")
            .passwordParameter("password")
            .permitAll()
            .and()
            .logout()
            .logoutUrl("/logout")
            .deleteCookies("remember-me")
            .logoutSuccessUrl("/")
            .permitAll()
            .and()
            .rememberMe().and().csrf().disable();
}

@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth
            .userDetailsService(userDetailsService)
            .passwordEncoder(new BCryptPasswordEncoder());
}
}

1 个答案:

答案 0 :(得分:-1)

这个很容易解决,你得到HTTP状态405,这意味着(来自wiki):

  

请求的资源不支持请求方法;例如,表单上的GET请求需要通过POST显示数据,或者在只读资源上显示PUT请求。

您尝试将表单HTTP POST到处理GET请求的处理程序。

只需更改此内容: 

@Controller
public class LoginController {
@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView getLoginPage(@RequestParam Optional<String> error) {
    return new ModelAndView("login", "error", error);
}
}

对此: 

@Controller
public class LoginController {

@RequestMapping(value = "/login", method = RequestMethod.POST)
public ModelAndView getLoginPage(@RequestParam Optional<String> error) {
    return new ModelAndView("login", "error", error);
}
}
相关问题
最新问题