我使用的是Spring Security版本6.1.2和Spring Boot版本3.1.2.下面是我的Spring安全配置.HTTP方法GET、POST、PUT工作正常,但DELETE不能处理禁止的消息403.我需要添加任何特殊配置才能允许在Spring安全配置中删除HTTP吗?
WebSecurityConfig:个
@Configuration
@EnableWebSecurity // 1
public class WebSecurityConfig {
@Bean
PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.authorizeRequests((authorizeRequests) -> authorizeRequests.requestMatchers("/**").hasAnyAuthority("USER"))
.httpBasic(withDefaults());
return http.build();
}
@Bean
WebSecurityCustomizer ignoringCustomizer() {
return (web) -> web.ignoring().requestMatchers(HttpMethod.GET).requestMatchers("/user");
}
}
UserService code:个
@Service
public class UserServiceSecurity implements UserDetailsService {
@Autowired
UserRepoSecurity userRepo;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
final UserPojo user = userRepo.findByUserName(username);
if (user == null) {
throw new UsernameNotFoundException(username);
}
UserDetails userr = User.withUsername(user.getUserName()).password(user.getPassword()).authorities("USER")
.build();
return userr;
}
}
Controller:个
@RestController
@RequestMapping(value = "/products")
public class ProductController {
@Autowired
ProductService productService;
@GetMapping("/{id}")
public ProductPojo getById(@PathVariable Long id) {
return productService.getByID(id);
}
@GetMapping
public Iterable<ProductPojo> getAll() {
return productService.getAll();
}
@PostMapping
public ProductPojo createProduct(@RequestBody ProductPojo product) {
return productService.createProduct(product);
}
@PutMapping
public ProductPojo update(@RequestBody ProductPojo product) {
return productService.update(product);
}
@DeleteMapping("/{id}")
public String remove(@PathVariable Long id) {
productService.remove(id);
return "Record delete successfully";
}
}
Below is error on postman:个
Error at postman when I hit HTTP DELETE个
当我试图使用postman 点击HTTP删除时,它给出了403禁止. Http删除的url:http://localhost:8080/products/1