我遇到了Java 17 Spring Maven应用程序的问题,因为当我测试我的代码时,它总是在Postman中返回403 Forbidden状态。我在securityFilterChain()方法中找到了问题,但我不确定如何解决这个问题。
@Configuration@EnableWebSecurity@RequiredArgsConstructorpublic class SecurityConfiguration {private final JwtAuthenticationFilter jwtAuthFilter;private final AuthenticationProvider authenticationProvider;@Beanpublic SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {http.authorizeHttpRequests(auth -> auth.requestMatchers("/api/v1/city/**").permitAll().requestMatchers("/api/v1/auth/**").permitAll().anyRequest().authenticated()).csrf(AbstractHttpConfigurer::disable).sessionManagement(sess -> sess.sessionCreationPolicy(SessionCreationPolicy.STATELESS)).authenticationProvider(authenticationProvider).addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class);return http.build();}}
字符串
有没有人遇到过类似的问题。
先谢谢你了!
当我禁用:.authenticationProvider(authenticationProvider) .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class);和.requestMatchers("/api/v1/city/**").permitAll() .requestMatchers("/api/v1/auth/**").permitAll()然后它给出正确的响应,但然后我dissable JWT身份验证
Example of problem
Example of problem的
1条答案
按热度按时间laawzig21#
您正在被重定向到/error页面,该页面由spring-security保护。因此您应该允许它
添加
字符串