Question

在eclipse上启动maven tomcat时尝试登录页面时出现错误。

“发生意外错误（类型=不允许使用方法，状态= 405）。请求方法'POST'不支持”

我在表格中包含了csrf令牌。也许您可以帮助解决这个问题。

WebSecurity：

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

@Override
// Authentication : User --> Roles
protected void configure(AuthenticationManagerBuilder auth)
        throws Exception {
    auth.
            inMemoryAuthentication()
            .withUser("user")
            .password("1234")
            .roles("USER")
            .and()
            .withUser("admin")
            .password("5678")
            .roles("USER", "ADMIN");
}

// Authorization : Role -> Access
protected void configure(HttpSecurity http) throws Exception {
    http
            .authorizeRequests()
            .antMatchers("/cont/**").access("hasRole('USER') or 
hasRole('ADMIN')")
            .antMatchers("/admin/**").access("hasRole('ADMIN')")

            .and()
            .formLogin()
                .loginPage("/loginForm.html")                                  
                .defaultSuccessUrl("/login-success", true)                   
                .loginProcessingUrl("/performLogin")
                .failureUrl("/failLogin.html")
                .permitAll()
                .and()
                .logout().permitAll().logoutUrl("/logout")

            .and()
            .csrf()
            .disable()
            .headers()
            .frameOptions()
            .disable();
}

@Autowired
private UserDetailsService userDetailsService;

@Bean
public UserDetailsService userDetailsService() {
    return super.userDetailsService();
}

@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws 
Exception {
    BCryptPasswordEncoder pe = new  BCryptPasswordEncoder();
    auth.userDetailsService(userDetailsService).passwordEncoder(pe);
}

}

控制器

@RequestMapping(value="/performLogin", method= {RequestMethod.GET})
public ModelAndView loginForm() {
    return new ModelAndView("loginForm.html");
}

//Login Success    
@RequestMapping(value = "/login-success", method=RequestMethod.GET)
public ModelAndView loginSuccess() {
    return new ModelAndView("/cont/home.html");
}
}

HTML

<html xmlns:th="http://www.thymeleaf.org">

<head th:include="layout :: head(title=~{::title},links=~{})">
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Please Login</title>
<link href="styles/login.css" rel="stylesheet" type="text/css">
</head>

<body th:include="layout :: body" th:with="content=~{::content}">
<div th:fragment="content" id="formLogin">
    <form name="f" th:action="@{/login}" method="POST" autocomplete="off">

            <div id="sign">A</div>

            <article id="formContent">
                <div class="inpt">
                <input type="text" id="username" name="username" 
placeholder="Username"/>
                </div>

                <div class="inpt">
                <input type="password" id="password" name="password" 
placeholder="Password"/>
                </div>
                <input type="hidden" name="${_csrf.parameterName}" 
value="${_csrf.token}"/>

                <div>
                    <button type="submit">Login</button>
                </div>
            </article>
    </form>
</div>
</body>
</html>

Stacktrace：

    2018-10-10 14:03:13.642  INFO 3448 --- [  restartedMain] model.MainApplicationClass               : Starting MainApplicationClass on PGES0074 with PID 3448 (C:\Users\KroemerT\eclipse-workspace\TestOne\target\classes started by kroemert in C:\Users\KroemerT\eclipse-workspace\TestOne)
    2018-10-10 14:03:13.646  INFO 3448 --- [  restartedMain] model.MainApplicationClass               : No active profile set, falling back to default profiles: default
    2018-10-10 14:03:13.760  INFO 3448 --- [  restartedMain] ationConfigEmbeddedWebApplicationContext : Refreshing org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@674dbea2: startup date [Wed Oct 10 14:03:13 CEST 2018]; root of context hierarchy
    2018-10-10 14:03:15.213  INFO 3448 --- [  restartedMain] o.s.core.annotation.AnnotationUtils      : Failed to introspect annotations on [class org.springframework.boot.actuate.autoconfigure.EndpointWebMvcHypermediaManagementContextConfiguration]: java.lang.ArrayStoreException: sun.reflect.annotation.TypeNotPresentExceptionProxy
    2018-10-10 14:03:15.214  INFO 3448 --- [  restartedMain] o.s.core.annotation.AnnotationUtils      : Failed to introspect annotations on [class org.springframework.boot.actuate.autoconfigure.EndpointWebMvcHypermediaManagementContextConfiguration]: java.lang.ArrayStoreException: sun.reflect.annotation.TypeNotPresentExceptionProxy
    2018-10-10 14:03:17.071  INFO 3448 --- [  restartedMain] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat initialized with port(s): 8080 (http)
    2018-10-10 14:03:17.089  INFO 3448 --- [  restartedMain] o.apache.catalina.core.StandardService   : Starting service Tomcat
    2018-10-10 14:03:17.091  INFO 3448 --- [  restartedMain] org.apache.catalina.core.StandardEngine  : Starting Servlet Engine: Apache Tomcat/8.5.11
    2018-10-10 14:03:17.442  INFO 3448 --- [ost-startStop-1] org.apache.jasper.servlet.TldScanner     : At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
    2018-10-10 14:03:17.447  INFO 3448 --- [ost-startStop-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
    2018-10-10 14:03:17.447  INFO 3448 --- [ost-startStop-1] o.s.web.context.ContextLoader            : Root WebApplicationContext: initialization completed in 3692 ms
    2018-10-10 14:03:18.101  INFO 3448 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'metricsFilter' to: [/*]
    2018-10-10 14:03:18.102  INFO 3448 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'characterEncodingFilter' to: [/*]
    2018-10-10 14:03:18.102  INFO 3448 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'hiddenHttpMethodFilter' to: [/*]
    2018-10-10 14:03:18.102  INFO 3448 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'httpPutFormContentFilter' to: [/*]
    2018-10-10 14:03:18.102  INFO 3448 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'requestContextFilter' to: [/*]
    2018-10-10 14:03:18.104  INFO 3448 --- [ost-startStop-1] .s.DelegatingFilterProxyRegistrationBean : Mapping filter: 'springSecurityFilterChain' to: [/*]
    2018-10-10 14:03:18.104  INFO 3448 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'webRequestLoggingFilter' to: [/*]
    2018-10-10 14:03:18.105  INFO 3448 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean   : Mapping filter: 'applicationContextIdFilter' to: [/*]
    2018-10-10 14:03:18.105  INFO 3448 --- [ost-startStop-1] o.s.b.w.servlet.ServletRegistrationBean  : Mapping servlet: 'dispatcherServlet' to [/]
    2018-10-10 14:03:18.965  INFO 3448 --- [  restartedMain] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: OrRequestMatcher [requestMatchers=[Ant [pattern='/css/**'], Ant [pattern='/js/**'], Ant [pattern='/images/**'], Ant [pattern='/webjars/**'], Ant [pattern='/**/favicon.ico'], Ant [pattern='/error']]], []
    2018-10-10 14:03:19.075  INFO 3448 --- [  restartedMain] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@3b1fae40, org.springframework.security.web.context.SecurityContextPersistenceFilter@14d2b09e, org.springframework.security.web.header.HeaderWriterFilter@67aff8eb, org.springframework.security.web.authentication.logout.LogoutFilter@26763c4, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@38a45f15, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@6f2af3e3, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@4aab9820, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@68d7b4ed, org.springframework.security.web.session.SessionManagementFilter@62ffcb8e, org.springframework.security.web.access.ExceptionTranslationFilter@39fa5fc8, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@7e08d83]
    2018-10-10 14:03:19.094  INFO 3448 --- [  restartedMain] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: org.springframework.boot.actuate.autoconfigure.ManagementWebSecurityAutoConfiguration$LazyEndpointPathRequestMatcher@38184e5f, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@1eb61155, org.springframework.security.web.context.SecurityContextPersistenceFilter@9eabf8a, org.springframework.security.web.header.HeaderWriterFilter@2a54667a, org.springframework.security.web.authentication.logout.LogoutFilter@276a4420, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@2bc67089, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@112a0e5a, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@18c4ddb3, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@6ec6832, org.springframework.security.web.session.SessionManagementFilter@f55a142, org.springframework.security.web.access.ExceptionTranslationFilter@5ad85015, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@564e18d9]
    2018-10-10 14:03:19.203  INFO 3448 --- [  restartedMain] s.w.s.m.m.a.RequestMappingHandlerAdapter : Looking for @ControllerAdvice: org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@674dbea2: startup date [Wed Oct 10 14:03:13 CEST 2018]; root of context hierarchy
    2018-10-10 14:03:19.301  INFO 3448 --- [  restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/document/all],methods=[GET]}" onto public java.util.List<model.Document> model.DocumentController.getAll()
    2018-10-10 14:03:19.303  INFO 3448 --- [  restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/document/new],methods=[POST]}" onto public void model.DocumentController.addDocument(model.Document)
    2018-10-10 14:03:19.303  INFO 3448 --- [  restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/document/remove],methods=[GET]}" onto public void model.DocumentController.removeUser()
    2018-10-10 14:03:19.303  INFO 3448 --- [  restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/performLogin],methods=[POST]}" onto public org.springframework.web.servlet.ModelAndView model.DocumentController.loginForm()
    2018-10-10 14:03:19.303  INFO 3448 --- [  restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/login-success],methods=[POST]}" onto public org.springframework.web.servlet.ModelAndView model.DocumentController.loginSuccess()
    2018-10-10 14:03:19.304  INFO 3448 --- [  restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/logout],methods=[GET]}" onto public org.springframework.web.servlet.view.RedirectView model.DocumentController.logoutPage(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)
    2018-10-10 14:03:19.304  INFO 3448 --- [  restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/loggeduser],methods=[GET]}" onto public java.lang.String model.DocumentController.printUsername(org.springframework.ui.ModelMap,java.security.Principal)
    2018-10-10 14:03:19.304  INFO 3448 --- [  restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/document/date],methods=[GET]}" onto public java.lang.String model.DocumentController.gDate()
    2018-10-10 14:03:19.308  INFO 3448 --- [  restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/error]}" onto public org.springframework.http.ResponseEntity<java.util.Map<java.lang.String, java.lang.Object>> org.springframework.boot.autoconfigure.web.BasicErrorController.error(javax.servlet.http.HttpServletRequest)
    2018-10-10 14:03:19.309  INFO 3448 --- [  restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/error],produces=[text/html]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.boot.autoconfigure.web.BasicErrorController.errorHtml(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)
    2018-10-10 14:03:19.336  INFO 3448 --- [  restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping  : Root mapping to handler of type [class org.springframework.web.servlet.mvc.ParameterizableViewController]
    2018-10-10 14:03:19.336  INFO 3448 --- [  restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped URL path [/people] onto handler of type [class org.springframework.web.servlet.mvc.ParameterizableViewController]
    2018-10-10 14:03:19.336  INFO 3448 --- [  restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped URL path [/home] onto handler of type [class org.springframework.web.servlet.mvc.ParameterizableViewController]
    2018-10-10 14:03:19.356  INFO 3448 --- [  restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped URL path [/webjars/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
    2018-10-10 14:03:19.356  INFO 3448 --- [  restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped URL path [/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
    2018-10-10 14:03:19.429  INFO 3448 --- [  restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped URL path [/**/favicon.ico] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
    2018-10-10 14:03:19.920  INFO 3448 --- [  restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/env/{name:.*}],methods=[GET],produces=[application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EnvironmentMvcEndpoint.value(java.lang.String)
    2018-10-10 14:03:19.920  INFO 3448 --- [  restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/env || /env.json],methods=[GET],produces=[application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
    2018-10-10 14:03:19.922  INFO 3448 --- [  restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/beans || /beans.json],methods=[GET],produces=[application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
    2018-10-10 14:03:19.923  INFO 3448 --- [  restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/health || /health.json],produces=[application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.HealthMvcEndpoint.invoke(java.security.Principal)
    2018-10-10 14:03:19.925  INFO 3448 --- [  restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/metrics/{name:.*}],methods=[GET],produces=[application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.MetricsMvcEndpoint.value(java.lang.String)
    2018-10-10 14:03:19.925  INFO 3448 --- [  restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/metrics || /metrics.json],methods=[GET],produces=[application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
    2018-10-10 14:03:19.927  INFO 3448 --- [  restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/heapdump || /heapdump.json],methods=[GET],produces=[application/octet-stream]}" onto public void org.springframework.boot.actuate.endpoint.mvc.HeapdumpMvcEndpoint.invoke(boolean,javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse) throws java.io.IOException,javax.servlet.ServletException
    2018-10-10 14:03:19.928  INFO 3448 --- [  restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/trace || /trace.json],methods=[GET],produces=[application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
    2018-10-10 14:03:19.929  INFO 3448 --- [  restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/dump || /dump.json],methods=[GET],produces=[application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
    2018-10-10 14:03:19.934  INFO 3448 --- [  restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/mappings || /mappings.json],methods=[GET],produces=[application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
    2018-10-10 14:03:19.935  INFO 3448 --- [  restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/configprops || /configprops.json],methods=[GET],produces=[application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
    2018-10-10 14:03:19.936  INFO 3448 --- [  restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/info || /info.json],methods=[GET],produces=[application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
    2018-10-10 14:03:19.937  INFO 3448 --- [  restartedMain] o.s.b.a.e.mvc.EndpointHandlerMapping     : Mapped "{[/autoconfig || /autoconfig.json],methods=[GET],produces=[application/json]}" onto public java.lang.Object org.springframework.boot.actuate.endpoint.mvc.EndpointMvcAdapter.invoke()
    2018-10-10 14:03:20.079  INFO 3448 --- [  restartedMain] o.s.b.d.a.OptionalLiveReloadServer       : LiveReload server is running on port 35729
    2018-10-10 14:03:20.187  INFO 3448 --- [  restartedMain] o.s.j.e.a.AnnotationMBeanExporter        : Registering beans for JMX exposure on startup
    2018-10-10 14:03:20.211  INFO 3448 --- [  restartedMain] o.s.c.support.DefaultLifecycleProcessor  : Starting beans in phase 0
    2018-10-10 14:03:20.417  INFO 3448 --- [  restartedMain] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat started on port(s): 8080 (http)
    2018-10-10 14:03:20.424  INFO 3448 --- [  restartedMain] model.MainApplicationClass               : Started MainApplicationClass in 7.348 seconds (JVM running for 7.937)
    2018-10-10 14:06:20.381  INFO 3448 --- [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring FrameworkServlet 'dispatcherServlet'
    2018-10-10 14:06:20.382  INFO 3448 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : FrameworkServlet 'dispatcherServlet': initialization started
    2018-10-10 14:06:20.401  INFO 3448 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : FrameworkServlet 'dispatcherServlet': initialization completed in 19 ms
    2018-10-10 14:06:20.469  WARN 3448 --- [nio-8080-exec-1] o.s.web.servlet.PageNotFound             : Request method 'POST' not supported
    2018-10-10 14:06:20.470  WARN 3448 --- [nio-8080-exec-1] .w.s.m.s.DefaultHandlerExceptionResolver : Resolved exception caused by Handler execution: org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'POST' not supported
    2018-10-10 14:06:34.683  WARN 3448 --- [nio-8080-exec-7] o.s.web.servlet.PageNotFound             : Request method 'POST' not supported
    2018-10-10 14:06:34.684  WARN 3448 --- [nio-8080-exec-7] .w.s.m.s.DefaultHandlerExceptionResolver : Resolved exception caused by Handler execution: org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'POST' not supported

我通读了许多类似的问题，但找不到解决方法。

Answer 1

我认为这两种方法的这一行都存在问题

@RequestMapping(value = "/login-success", method = {RequestMethod.POST, 
RequestMethod.GET})

您已将GET和POST配置为通话休息

尝试

 @RequestMapping(value = "/login-success", method=RequestMethod.POST)

Answer 2

我已经看到人们整日为“在那儿工作的相同代码但不在这里工作”集思广益，只是为了弄清楚他们不允许在 CORS 中设置所需的方法。设置。那是我最好的猜测。

对您来说，最大的教训不是进行疯狂的猜测，而是使用诸如高级REST客户端，邮递员，浏览器的开发工具之类的工具。即如果您在浏览器中检查响应标头，则可以轻松确认CORS过滤器是否存在问题。要在谷歌浏览器中打开开发工具，请按CTRL + SHIFT +J。您最主要的工作是针对这种情况的“网络”标签，以便检查您是否具有所需的标题。 POST方法要求默认情况下正确设置CORS过滤器。

Answer 3

实际上，您不需要post方法来登录，因为Spring Security正在管理该方法。您只需要GET登录方法。尝试删除您的POST登录信息。

不支持Requestmethod POST ||春季登录

3 个答案: