spring-security: Spring Boot returns 403 Forbidden when called from a web app

9gm1akwq  posted on 2022-11-11  in Spring

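I have been stuck on this problem for two days. I have a simple Spring Boot application that has Spring Security. When I test my controller with Swagger and Postman, there is no problem. However, when I call the same endpoint from my front-end application, it throws the error below: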

2022-10-07T21:43:51.991+0800 DEBUG http-nio-8080-exec-1 (FilterChainProxy.java:323) - Secured OPTIONS /category/all
2022-10-07T21:43:51.993+0800 DEBUG http-nio-8080-exec-1 (LogFormatUtils.java:119) - OPTIONS "/category/all", parameters={}
2022-10-07T21:43:51.995+0800 DEBUG http-nio-8080-exec-1 (PropertySourcedRequestMappingHandlerMapping.java:108) - looking up handler for path: /category/all
2022-10-07T21:43:51.998+0800 DEBUG http-nio-8080-exec-1 (AbstractHandlerMapping.java:522) - Mapped to com.edar.sales.be.controller.CategoryController#getAllCategories()
2022-10-07T21:43:52.002+0800 DEBUG http-nio-8080-exec-1 (OpenEntityManagerInViewInterceptor.java:86) - Opening JPA EntityManager in OpenEntityManagerInViewInterceptor
2022-10-07T21:43:52.015+0800 DEBUG http-nio-8080-exec-1 (HttpSessionSecurityContextRepository.java:346) - Did not store anonymous SecurityContext
2022-10-07T21:43:52.018+0800 DEBUG http-nio-8080-exec-1 (OpenEntityManagerInViewInterceptor.java:111) - Closing JPA EntityManager in OpenEntityManagerInViewInterceptor
2022-10-07T21:43:52.019+0800 DEBUG http-nio-8080-exec-1 (FrameworkServlet.java:1131) - Completed 403 FORBIDDEN

This is my controller class

package com.edar.sales.be.controller;

import java.lang.reflect.InvocationTargetException;
import java.util.ArrayList;
import java.util.List;

import org.apache.commons.beanutils.BeanUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PatchMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;

import com.edar.sales.be.dto.CategoryDTO;
import com.edar.sales.be.entity.Category;
import com.edar.sales.be.service.CategoryService;
import com.google.gson.Gson;

@RestController(value = "category/")
public class CategoryController {

    private static final Logger LOG = LoggerFactory.getLogger(CategoryController.class);
    private static final Gson GSON = new Gson();

    @Autowired
    CategoryService categoryService;

    @GetMapping(value = "category/all")
    public List<CategoryDTO> getAllCategories() throws IllegalAccessException, InvocationTargetException {

        List<CategoryDTO> retval = new ArrayList<>();
        List<Category> categories = categoryService.getAllCategories();

        for (Category category : categories) {
            CategoryDTO categoryDTO = new CategoryDTO();
            BeanUtils.copyProperties(categoryDTO, category);
            retval.add(categoryDTO);
        }

        return retval;

    }

    @GetMapping(value = "category/{id}")
    public CategoryDTO getCategoryById(@PathVariable("id") long id) throws IllegalAccessException, InvocationTargetException {
        CategoryDTO categoryDTO = new CategoryDTO();
        BeanUtils.copyProperties(categoryDTO, categoryService.getCategoryById(id));
        return categoryDTO;
    }

    @PostMapping(value = "category/delete/{id}")
    public void deleteCategoryById(@PathVariable("id") Long id) {
        categoryService.deleteCategoryById(id);
    }

    @PostMapping(value = "category/add")
    public void addCategory(@RequestBody Category category) {
        LOG.debug("Adding category : {}", GSON.toJson(category));
        categoryService.addCategory(category);
    }

    @PatchMapping(value = "category/update")
    public void updateCategory(@RequestBody Category category) {
        LOG.debug("Updating category : {}", GSON.toJson(category));
        categoryService.addCategory(category);
    }
}

This is my SecurityConfig

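import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable().authorizeRequests().antMatchers("**").permitAll();
    }
}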

bbuxkriu1#

Please try this approach, and also use SecurityFilterChain to implement Spring Security, as WebSecurityConfigurerAdapter is deprecated.

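import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .csrf().disable()
            .authorizeRequests().antMatchers("/**").permitAll()
            .and()
            .httpBasic();
    }
}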
