我有一个基本的安全Spring REST应用程序。我正在使用LDAP进行身份验证。我登录正常,但是到我的URL的POST始终返回403。有人可以告诉我我的设置有什么问题吗?我需要过滤器吗?这是SecurityConfig:
@Configuration
@EnableWebSecurity(debug = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.ldapAuthentication()
.userSearchFilter("cn={0}")
.groupSearchBase("dc=company,DC=COM")
.contextSource()
.url("ldaps://ldap.company.com:636");
}
@Bean(BeanIds.AUTHENTICATION_MANAGER)
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers(
"/favicon.ico",
"/css/**",
"/img/**",
"/js/**")
.permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.loginProcessingUrl("/login")
.defaultSuccessUrl("/index")
.permitAll();
}
}