Spring REST请求方法' DELETE',' POST',' PUT'不支持

时间:2017-08-24 20:04:28

标签: java spring rest spring-mvc postman

创建第一个SPRING REST API,出于某种原因,只有GET请求可以正常工作,其余所有 - POST,PUT,DELETE都没有。

@RestController
@RequestMapping(value = "/api/contacts")
public class ContactRESTController {

    private ContactService contactService;

    @Autowired
    public ContactRESTController(ContactService contactService) {
        this.contactService = contactService;
    }


    @RequestMapping(value = "/contact/{id}", method = RequestMethod.DELETE)
    public void deleteContact(@PathVariable long id) {

        Contact retrived = contactService.findOne(id);
        if (retrived == null) { throw new ContactNotFoundException(id);}
        contactService.delete(id);
    }

拥有@RestController允许我省略@ResponseBody。使用@ResponseEntity尝试没有效果。认为这可能是一些安全问题,所以我已将此行添加到security.xml

<security:intercept-url method="DELETE" access="permitAll" pattern="/api/contacts/contact/*" />

当app加载时,我可以在控制台中看到这一行:

INFO - Mapped "{[/api/contacts/contact/{id}],methods=[DELETE]}" onto public void com.bugielmarek.timetable.controllers.ContactRESTController.deleteContact(long)

但是当我在POSTMAN中选择DELETE并转到

http://localhost:8080/crudone/api/contacts/contact/9

我得到的只是

HTTP Status 405 - Request method 'DELETE' not supported

在标题中我可以阅读&#39;允许 - GET&#39;。

尝试使用&#39; Content-Type&#39;发布DELETE请求设置为&#39; text / html&#39;没有运气。

更新:

将hiddenHttpMethodFilter添加到web.xml没有任何帮助。

<filter>
        <filter-name>hiddenHttpMethodFilter</filter-name>
        <filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>hiddenHttpMethodFilter</filter-name>
       <servlet-name>crudone</servlet-name>
    </filter-mapping>

更新:

遵循DwB建议我打开了DEBUG级别并观察了控制台输出。我发现的是:

DEBUG - /api/contacts/contact/10 at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
DEBUG - Invalid CSRF token found for http://localhost:8080/crudone/api/contacts/contact/10
DEBUG - DispatcherServlet with name 'crudone' processing DELETE request for [/crudone/denied]
DEBUG - Looking up handler method for path /denied '

这表明它毕竟是安全问题。任何帮助如何禁用REST的csrf将非常感激 - 因为我认为这是解决方案。

0 个答案:

没有答案