java – Spring Security – 405请求方法’POST’不受支持 – haodro.com |
您所在的位置:网站首页 › springsecurity替代 › java – Spring Security – 405请求方法’POST’不受支持 – haodro.com |
|
我已经为我的项目实现了Spring Security,但是当我尝试登录时,我获得状态405.我已经在表单中添加了csrf标记. 这是我发送用户名和密码时收到的错误:HTTP状态405 – 不支持请求方法“POST” 春季版:4.0.2.RELEASED Invalid username and password. You have been logged out successfully. 安全配置: @Configuration @EnableWebSecurity public class SecurityConfiguration extends WebSecurityConfigurerAdapter { @Autowired @Qualifier("G2BUserDetailsService") UserDetailsService userDetailsService; @Autowired public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(userDetailsService); } @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .antMatchers("/", "/home").permitAll() .antMatchers("/admin/**").access("hasRole('ADMIN')") .and().formLogin().loginPage("/login") .usernameParameter("clientusername").passwordParameter("clientpassword") .and().csrf() .and().exceptionHandling().accessDeniedPage("/Access_Denied"); // .and().csrf().disable(); }控制器: @RequestMapping(value = "/login", method = RequestMethod.GET) public ModelAndView loginPage() { return new ModelAndView("login"); } @RequestMapping(value="/logout", method = RequestMethod.GET) public String logoutPage (HttpServletRequest request, HttpServletResponse response) { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if (auth != null){ new SecurityContextLogoutHandler().logout(request, response, auth); } return "redirect:/login?logout"; } @RequestMapping(value = "/Access_Denied", method = RequestMethod.GET) public ModelAndView accessDeniedPage(ModelMap model) { model.addAttribute("user", getPrincipal()); return new ModelAndView("accessDenied"); } @RequestMapping(value = "/admin", method = RequestMethod.GET) public ModelAndView adminPage(ModelMap model) { model.addAttribute("user", getPrincipal()); return new ModelAndView("admin"); } private String getPrincipal(){ String userName = null; Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal(); if (principal instanceof UserDetails) { userName = ((UserDetails)principal).getUsername(); } else { userName = principal.toString(); } return userName; }几乎关于这个问题的每个主题都说我们需要添加csrf令牌,但我已经添加了.我错过了什么吗? 解决方法: 您可以为一个URL设置两个端点.但是您无法根据需要设置任何请求参数.当我看到您的登录请求地图时,您可以设置您的请求方法,如下所示: @RequestMapping(value = "/login", method = { RequestMethod.GET, RequestMethod.POST }) public ModelAndView loginPage() { return new ModelAndView("login"); }以上是互联网集市为您收集整理的java – Spring Security – 405请求方法’POST’不受支持全部内容,希望文章能够帮你解决java – Spring Security – 405请求方法’POST’不受支持所遇到的程序开发问题。 如果觉得互联网集市技术教程内容还不错,欢迎将互联网集市网站推荐给程序员好友。 版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。 |
今日新闻 |
推荐新闻 |
| CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3 |