spring security 403 error

前端未结

关注

 4  1556

清歌不尽 2020-12-07 22:38

I\'m trying to secure my website using Spring security following the guides on the web. So on my server side the WebSecurityConfigurerAdapter and controller looks like this<

4条回答

暖寄归人 (楼主)

2020-12-07 23:03

The issue is likely due to CSRF protection. If users will not be using your application in a web browser, then it is safe to disable CSRF protection. Otherwise you should ensure to include the CSRF token in the request.

To disable CSRF protection you can use the following:

@Configuration
@EnableWebSecurity
public class WebSecurityConfig
    extends WebSecurityConfigurerAdapter implements ApplicationContextAware {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            // ...
            .csrf().disable();
    }

    @Override
    protected void registerAuthentication(AuthenticationManagerBuilder authManagerBuilder) throws Exception {
        authManagerBuilder
            .inMemoryAuthentication()
                .withUser("user").password("password").roles("ADMIN");
    }
}

0 讨论(0)

查看其它4个回答