小编Dmi*_*y S的帖子

"status":403,"error":"Forbidden","message":"Forbidden","path":"/ post/create"

当我尝试在管理员授权后添加新帖子时,我看到此响应.

我有基于Spring启动安全性的基本授权:

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    //...declared fields
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .inMemoryAuthentication()
                .passwordEncoder(passwordEncoder())
                .withUser("user")
                .password("userpass")
                .roles("USER")
                .and()
                .withUser("admin")
                .password("adminpass")
                .roles("ADMIN", "USER");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .antMatchers("/login").permitAll()
                .antMatchers("/logout").permitAll()
                .anyRequest().authenticated()
                .and()
                .httpBasic()
                .and().logout().permitAll()
                .and()
                .formLogin()
                .loginProcessingUrl("/login")
                .permitAll()
                .and().logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
                .logoutSuccessUrl("/login");
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}

Run Code Online (Sandbox Code Playgroud)

尝试在授权后添加新帖子时收到此消息:

{
    "timestamp": "2018-07-04T12:19:25.638+0000",
    "status": 403,
    "error": "Forbidden",
    "message": "Forbidden",
    "path": "/post/create"
}

Run Code Online (Sandbox Code Playgroud)

在我的控制器中: …

spring-security spring-boot

Dmi*_*y S

2018 07-04

2
推荐指数

1
解决办法

2543
查看次数

标签统计

spring-boot ×1

spring-security ×1

"status":403,"error":"Forbidden","message":"Forbidden","path":"/ post/create"

标签 统计

小编Dmi_y S的帖子

标签统计