不支持请求方法“post”

w46czmvw 于 2021-09-29 发布在 Java

关注(0)|答案(1)|浏览(515)

从SpringSecurity4升级到5（只需要更新pom中的版本）后，身份验证现在被破坏。spring安全版本是 5.5.1 . 它过去在SpringSecurity4中工作得很好。

@Override
  public void configure(WebSecurity web) {
    web.ignoring().antMatchers("/app*/**", "/resources/**");
  }

http.headers().frameOptions().disable();

http.formLogin()
        .loginPage("/login")
        .loginProcessingUrl("/j_spring_security_check")
        .usernameParameter("j_username").passwordParameter("j_password")
        .permitAll()
        .successHandler(authenticationSuccessHandler())
        .failureHandler(authenticationFailureHandler());

http.logout()
            .logoutUrl("/logout")
            .logoutSuccessUrl("/login")
            .deleteCookies("JSESSIONID" )
            .invalidateHttpSession(true)
            .permitAll();

http.csrf().disable();

http.requestCache().disable();

//Custom filters

spring安全调试日志-


************************************************************

Request received for POST '/j_spring_security_check':

org.apache.catalina.connector.RequestFacade@fda4338

servletPath:/j_spring_security_check
pathInfo:null
headers: 
host: localhost:8080
connection: keep-alive
content-length: 77
cache-control: max-age=0
sec-ch-ua: " Not;A Brand";v="99", "Google Chrome";v="91", "Chromium";v="91"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
origin: http://localhost:8080
.
.
.

Security filter chain: [
  WebAsyncManagerIntegrationFilter
  SecurityContextPersistenceFilter
  HeaderWriterFilter
  LogoutFilter
  UsernamePasswordAuthenticationFilter
  ConcurrentSessionFilter
  SpnegoAuthenticationProcessingFilter
  BasicAuthenticationFilter
  LogbackMappedDiagnosticContextSecurityContextFilter
  RequestLoggingFilter
  SecurityContextHolderAwareRequestFilter
  AnonymousAuthenticationFilter
  SessionManagementFilter
  ExceptionTranslationFilter
  FilterSecurityInterceptor
]

************************************************************

2021-06-23 21:56:14,908 [http-nio-8080-exec-9] WARN  o.s.w.s.m.s.DefaultHandlerExceptionResolver - Resolved [org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'POST' not supported]

我不确定这两个版本之间发生了什么变化。post url是一个spring安全url，不需要额外的配置。

spring spring-security

来源：https://stackoverflow.com/questions/68103846/spring-security-request-method-post-not-supported

1条答案

按热度按时间

r1zhe5dt1#

spring登录将在其中发布以触发身份验证过程的默认url为 /login ，过去是 /j_spring_security_check .
如果要使用默认值，可以省略这两行

.loginProcessingUrl("/login")
.usernameParameter("username").passwordParameter("password")

请注意，现在是 username 及 password

赞(0）回复(0）举报 2021-09-29

我来回答

不支持请求方法“post”

1条答案

相关问题

热门标签

最新问答