使用Spring资源访问安全资源

时间:2019-02-04 13:41:57

标签: java spring-boot spring-security

我正在尝试将Spring Security集成到我的应用程序中,由于某种原因(我不知道),我每次请求都不断收到403错误。我相信这与春季安全性有关。下面是我的代码的片段,以获取更多详细信息。

这是我第一次尝试将Spring Security集成到我的应用程序中,因此我可能会丢失一些东西。

我在WebSecurity类中有这个

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

@Autowired
private UserService userService;

@Autowired
private PasswordEncoder passwordEncoder;

@Autowired
private JwtTokenProvider jwtTokenProvider;

@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
}

@Bean
public PasswordEncoder passwordEncoder(){
    return new BCryptPasswordEncoder();
}

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .httpBasic().disable()
            .csrf().disable()
            .cors().disable()
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .authorizeRequests()
            .antMatchers( HttpMethod.POST, "/auth/**").permitAll()
            .anyRequest().authenticated()
            .and()
            .apply(new JwtConfigurer(jwtTokenProvider));
}

@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(userService).passwordEncoder(passwordEncoder());
}

在我的控制器中,我有这个

@RestController
@RequestMapping("/auth")
public class LoginController {
@Autowired
private UserService userService;

@RequestMapping(value = "/register", method = RequestMethod.POST, produces = "application/json", consumes = "application/json")
@ResponseBody
public Response<UserDto> register(@RequestBody Request<UserDto> request){
    MessengerUser user = userService.saveUser(request.getData());
    return new Response<>(new ModelMapper().map(user, UserDto.class));
}

@RequestMapping(value = "/sign-in", method = RequestMethod.POST, produces = "application/json", consumes = "application/json")
@ResponseBody
public Response<LoginDto> signin(@RequestBody Request<UserDto> request) {
    LoginDto loginDto = userService.authenticateUser(request.getData());
    return new Response<>(loginDto);
   }
}

根据我的要求     {         “数据”:{             “ username”:“用户名”,             “ password”:“密码”         }     }

我怀疑这与我的配置有关,但是我不确定还有什么尝试。

1 个答案:

答案 0 :(得分:0)

事实证明,这是我的错误。我的请求类型有误,我的愚蠢错误。

一切正常,但请求类型为GET而不是POST

相关问题
最新问题