我遇到了Java 17 Spring Maven应用程序的问题,因为当我测试我的代码时,它总是在Postman中返回403 Forbidden状态。我在securityFilterChain()方法中找到了问题,但我不确定如何解决这个问题。
@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
public class SecurityConfiguration {
private final JwtAuthenticationFilter jwtAuthFilter;
private final AuthenticationProvider authenticationProvider;
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests(auth -> auth
.requestMatchers("/api/v1/city/**").permitAll()
.requestMatchers("/api/v1/auth/**").permitAll()
.anyRequest().authenticated()
)
.csrf(AbstractHttpConfigurer::disable)
.sessionManagement(sess -> sess.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.authenticationProvider(authenticationProvider)
.addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class);
return http.build();
}
}字符串
有没有人遇到过类似的问题。
先谢谢你了!
当我禁用:.authenticationProvider(authenticationProvider) .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class);和.requestMatchers("/api/v1/city/**").permitAll() .requestMatchers("/api/v1/auth/**").permitAll()然后它给出正确的响应,但然后我dissable JWT身份验证
Example of problem
Example of problem的
1条答案
按热度按时间laawzig21#
您正在被重定向到/error页面,该页面由spring-security保护。因此您应该允许它
添加
字符串