那些遇到过的问题

小编ken*_*ken的帖子

弹簧安全403错误

我正在尝试按照网络指南使用Spring安全保护我的网站.所以在我的服务器端,WebSecurityConfigurerAdapter和控制器看起来像这样

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter
implements ApplicationContextAware {

@Override
protected void registerAuthentication(AuthenticationManagerBuilde r authManagerBuilder) throws Exception {
authManagerBuilder.inMemoryAuthentication()
.withUser("user").password("password").roles("ADMI N");
}
}

@Controller
//@RequestMapping("/course")
public class CourseController implements ApplicationContextAware{

@RequestMapping(value="/course", method = RequestMethod.GET, produces="application/json")
public @ResponseBody List<Course> get(// The critirion used to find.
@RequestParam(value="what", required=true) String what,
@RequestParam(value="value", required=true) String value) {
//.....
}

@RequestMapping(value="/course", method = RequestMethod.POST, produces="application/json")
public List<Course> upload(@RequestBody Course[] cs) {
}
}
Run Code Online (Sandbox Code Playgroud)

令我困惑的是服务器没有响应POST/DELETE方法,而GET方法工作正常.顺便说一下,我在客户端使用RestTemplate.例外情况是:

Exception in thread "main" org.springframework.web.client.HttpClientErrorException: 403 Forbidden
    at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:91) …
Run Code Online (Sandbox Code Playgroud)

spring spring-mvc spring-security

ken*_*ken
2014 10-27
39
推荐指数
4
解决办法
6万
查看次数

POST方法的Spring 405错误

我正在尝试按照网络指南使用Spring安全保护我的网站.我不希望我的用户通过Web浏览器使用我的应用程序,因此我禁用了csrf保护.服务器端的源代码:

    @Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter
implements ApplicationContextAware {

@Override
    protected void configure(HttpSecurity http) throws Exception {
        http
        .authorizeRequests().anyRequest().authenticated().and()
        .httpBasic().and()
        .csrf().disable();
    }

@Override
protected void registerAuthentication(AuthenticationManagerBuilde r authManagerBuilder) throws Exception {
authManagerBuilder.inMemoryAuthentication()
.withUser("user").password("password").roles("ADMI N");
}
}

@Controller
//@RequestMapping("/course")
public class CourseController implements ApplicationContextAware{

@RequestMapping(value="/course", method = RequestMethod.GET, produces="application/json")
public @ResponseBody List<Course> get(// The critirion used to find.
@RequestParam(value="what", required=true) String what,
@RequestParam(value="value", required=true) String value) {
//.....
}

@RequestMapping(value="/course", method = RequestMethod.POST, produces="application/json")
public List<Course> upload(@RequestBody Course[] cs) …
Run Code Online (Sandbox Code Playgroud)

spring spring-security

ken*_*ken
lucky-day
5
推荐指数
2
解决办法
3万
查看次数

标签 统计

spring ×2

spring-security ×2

spring-mvc ×1