我是Spring框架的新手。我创建了一个新的Spring Starter项目,其中包含以下模块:web,mongo,security。
我创建了一个简单的控制器
@RestController
@RequestMapping("/users")
public class UserController {
private UserRepository userRepository;
@GetMapping("/all")
public List<User> getAllUsers(){
List<User> users = this.userRepository.findAll();
return users;
}
@PostMapping("/")
public void insert(@RequestBody User user){
this.userRepository.save(user);
}
}
将一些原始数据播种到数据库中。当我在Postman中向这条路线发出请求时,我收到以下回复:
{
"timestamp": 1511113712858,
"status": 401,
"error": "Unauthorized",
"message": "Full authentication is required to access this resource",
"path": "/users/all"
}
的pom.xml:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>ngt</groupId>
<artifactId>someArtifact</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging>
<name>dermaskin</name>
<description>Demo project for Spring Boot with mongodb</description>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.8.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-mongodb</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
导致未经授权的响应的原因是什么以及如何为/all路由禁用它?谢谢!
答案 0 :(得分:3)
@Configuration
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http.requestMatchers().antMatchers("/users/all").permitAll();
}
}
您需要配置Spring Security,默认情况下所有路由都是安全的,以便进行自动化。
上述代码仅对“/ users / all”URL禁用安全性。
答案 1 :(得分:2)
您可以保持安全依赖性,但必须设置用户标识和密码。这可以通过将以下内容添加到位于其下的application.properties文件中来完成 的的src /主/资源 夹
# This converts the names to acceptable values
dataPull = data.frame(dataPull, check.names = TRUE)
print(dataPull[,"C.R.RE.1.4.Family.Residential"])
[1] 0
或者您也可以在属性文件中禁用这样的安全性:security.user.name=user # Default user name.
security.user.password= # your password here
。
答案 2 :(得分:-1)
我包含此错误
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
在我的pom.xml文件中。 只需将其删除,然后重试。