Spring Boot 401未经授权的邮递员

时间:2020-10-09 22:01:39

标签: java spring-boot hibernate jpa spring-security

我是Spring Boot的新手,正在尝试向邮递员提出授权请求,但我得到401 Unauthorized。 我正在尝试使用jpa将用户存储在数据库H2中,并将请求以json作为正文, 我不知道该怎么解释,所以如果有人发现我会把代码发布出来。



import engine.user.UserDetailsServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Configuration;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


@Configuration
@EnableConfigurationProperties
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    private final UserDetailsServiceImpl userDetailsService;

    @Autowired
    public WebSecurityConfig(UserDetailsServiceImpl userDetailsService) {
        this.userDetailsService = userDetailsService;
    }



   @Override
   protected void configure(HttpSecurity http) throws Exception {
       http
               .csrf().disable().headers().frameOptions().disable().and()
               .authorizeRequests().antMatchers("/api/register").permitAll()
               .antMatchers("/actuator/shutdown").permitAll()
               .and()
               .httpBasic();
   }

    @Override
    public void configure(AuthenticationManagerBuilder builder)
            throws Exception {
        builder.userDetailsService(userDetailsService);
    }

}

依赖项

    id 'org.springframework.boot' version '2.2.2.RELEASE'
    id 'java'
}

apply plugin: 'io.spring.dependency-management'

sourceCompatibility = 11

repositories {
    mavenCentral()
}

sourceSets.main.resources.srcDirs = ["src/resources"]

dependencies {
    implementation 'org.springframework.boot:spring-boot-starter'
    implementation 'org.springframework.boot:spring-boot-starter-actuator'
    implementation 'org.springframework.boot:spring-boot-starter-security'
    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
    compile("org.springframework.boot:spring-boot-starter-web")
    runtimeOnly 'com.h2database:h2'

}

用户控制器


import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;

import javax.validation.Valid;

public class UserController {

    private final UserDetailsServiceImpl userDetailsService;

    @Autowired
    public UserController(UserDetailsServiceImpl userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    @PostMapping(value = "/api/register", consumes = "application/json")
    public ResponseEntity<User> saveUser(@Valid @RequestBody  User user) {
        userDetailsService.save(user);
        return new ResponseEntity<>(user, HttpStatus.OK);
    }
}

Postman

2 个答案:

答案 0 :(得分:0)

很可能您没有在Postman中设置Authorization标头。您可以通过“授权”标签进行操作。从下拉列表中选择基本身份验证,然后为尝试执行该操作的用户提供用户凭据。

Setup Basic Auth

注意邮递员如何自动添加授权标头。

Auth Header

最后,在body标签上,添加json请求数据。

Request Body

同样,邮递员会自动为您添加内容类型标题。

Content-Type Header

现在您可以触发您的帖子请求。

答案 1 :(得分:0)

我更改了删除的依赖项 实施'org.springframework.boot:spring-boot-starter-security'

并替换为

编译组:“ org.springframework.boot”,名称:“ spring-boot-starter-security”,版本:“ 2.3.1.RELEASE”

成功了。

相关问题
最新问题