我想使用JWT接收带有Spring Boot用户名,密码的表单,我停用了后端构建的HTTP表单,但是现在在发送我的用户名和密码后,我的计算机响应403中的本地服务器
我重新激活了表单登录名,我收到了输入表单字段的用户名和密码
//security config
protected void configure(HttpSecurity http) throws Exception{
http.csrf().disable();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);//desactiver la session
//http.formLogin();
http.authorizeRequests().antMatchers("/login/**","/register/**").permitAll();
http.authorizeRequests().antMatchers(HttpMethod.POST, "/taches/**").hasAuthority("ADMIN");
http.authorizeRequests().anyRequest().authenticated();
http.addFilter(new JWTAuthentificationFilter(authenticationManager()));
}
//attenpt authentification
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
throws AuthenticationException{
Membre membre = null;
System.out.println(">>>>>>username > 35*********");
String test_reception = request.getParameter("username");
System.out.println(test_reception);
try {
membre = new ObjectMapper().readValue(request.getInputStream(), Membre.class);
System.out.println(membre.getUsername());
} catch (Exception e) {
System.out.println("**********Ligne 36**********");
throw new RuntimeException(e);
}
System.out.println("**********TEST JWT**********");
这是结果控制台:
用户名> 35 ********* 空值 **********木质36 ********** 2019-06-02 10:02:25.650错误8132-[nio-8080-exec-9] oaccC [。[。[/]。[dispatcherServlet]:Servlet [dispatcherServlet]的Servlet.service()路径[]抛出异常
java.lang.RuntimeException:com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException:无法识别的字段“密码”(类ohkod.tdlist.entities.Membre),未标记为可忽略(4个已知属性:“ id”, “密码”,“角色”,“用户名”])
test_reception为null,如何正确配置WebSecurityConfigurerAdapter? http.authorizeRequests()。antMatchers(“ / login / **”)。permitAll()不是 足够?
我使用Maven和Spring Boot 2