从ajax向controller发帖(Spring security)
嗨,有问题吗?有错误吗从ajax向controller发帖(Spring security),ajax,spring,security,spring-mvc,controller,Ajax,Spring,Security,Spring Mvc,Controller,嗨,有问题吗?有错误吗 WARNING [http-nio-8080-exec-8] org.springframework.web.servlet.PageNotFound.handleHttpRequestMethodNotSupported Request method 'POST' not supported 当我试图在控制器上发表文章时。我认为问题出在SpringSecurity中,我已经在我的项目中添加了它。在它成功之前 <form id="estimationForm
WARNING [http-nio-8080-exec-8] org.springframework.web.servlet.PageNotFound.handleHttpRequestMethodNotSupported Request method 'POST' not supported
<form id="estimationForm" method="post" class="form-horizontal">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h4><i class="fa fa-address-card-o" aria-hidden="true"></i> 평가</h4>
</div>
<!-- Estimate modal -->
<div class="modal-body">
<div class="form-group">
<div class="col-lg-12 text-left">
<input type="text" name="name" class="form-control form-block" placeholder="이름" required />
</div>
</div>
<div class="form-group">
<div class="col-lg-12 text-left">
<input type="email" name="email" class="form-control form-block" placeholder="이메일" required />
</div>
</div>
<div class="form-group">
<div class="col-lg-12 text-left">
<textarea class="form-control form-block" name="message" rows="4" placeholder="아이디" required></textarea>
</div>
</div>
</div>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
<!-- Estimate modal footer -->
<div class="modal-footer">
<button type="button" class="btn btn-default" data-dismiss="modal">닫기</button>
<button type="button" onclick="estimate()" class="btn btn-primary">보내기</button>
</div>
</form>
@Controller
@SessionAttributes("roles")
public class IndexPageController {
@Autowired
AuthenticationTrustResolver authenticationTrustResolver;
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String loginPage(Locale locale, Model model) {
/* // add parametrized message from controller
String welcome = messageSource.getMessage("welcome.message", new Object[]{"John Doe"}, locale);
model.addAttribute("message", welcome);*/
// obtain locale from LocaleContextHolder
Locale currentLocale = LocaleContextHolder.getLocale();
model.addAttribute("locale", currentLocale);
if (isCurrentAuthenticationAnonymous()) {
return "index";
} else {
return "redirect:/list";
}
}
@ResponseBody
@RequestMapping(value = "/estimate" , method = RequestMethod.POST)
public String estimateWindow(@RequestParam("name") String recipientName, @RequestParam("email") String recipientMail, @RequestParam("message") String recipientRequestText, Model model) {
System.out.print("name " + recipientName + " email " + recipientMail + " text " + recipientRequestText);
JSONObject myJsonObj = new JSONObject();
myJsonObj.append("response", "ok");
return myJsonObj.toString();
}
/**
* This method returns true if users is already authenticated [logged-in], else false.
*/
private boolean isCurrentAuthenticationAnonymous() {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
return authenticationTrustResolver.isAnonymous(authentication);
}
}
您的AJAX函数正在尝试POST to/login,控制器已将其定义为GET方法
尝试将您的登录方法更改为POST,或者创建另一个登录端点来处理POST。正如我提到的,问题出在Crsf中。我确实喜欢这本指南
现在ajax在/estimate controller上发表文章在我的ajax中,url是estimate,我试图将数据发送到控制器中的/estimate方法。问题是,当我在没有ajax的情况下发表文章时,只有jsp表单和提交——它工作得很好。我认为问题在于crsf令牌,但我不知道如何编写它。我有一个表单,可能我必须通过ajax发送csrf令牌。但是我不知道怎么做。你得到的错误不是因为缺少CSRF令牌,而是因为你没有发布到正确的URL。尝试向JS函数添加更多调试信息,只是输出fail不会有多大帮助。我先看看你的URL,现在是estimate,应该是/estimate吗?
@Controller
@SessionAttributes("roles")
public class IndexPageController {
@Autowired
AuthenticationTrustResolver authenticationTrustResolver;
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String loginPage(Locale locale, Model model) {
/* // add parametrized message from controller
String welcome = messageSource.getMessage("welcome.message", new Object[]{"John Doe"}, locale);
model.addAttribute("message", welcome);*/
// obtain locale from LocaleContextHolder
Locale currentLocale = LocaleContextHolder.getLocale();
model.addAttribute("locale", currentLocale);
if (isCurrentAuthenticationAnonymous()) {
return "index";
} else {
return "redirect:/list";
}
}
@ResponseBody
@RequestMapping(value = "/estimate" , method = RequestMethod.POST)
public String estimateWindow(@RequestParam("name") String recipientName, @RequestParam("email") String recipientMail, @RequestParam("message") String recipientRequestText, Model model) {
System.out.print("name " + recipientName + " email " + recipientMail + " text " + recipientRequestText);
JSONObject myJsonObj = new JSONObject();
myJsonObj.append("response", "ok");
return myJsonObj.toString();
}
/**
* This method returns true if users is already authenticated [logged-in], else false.
*/
private boolean isCurrentAuthenticationAnonymous() {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
return authenticationTrustResolver.isAnonymous(authentication);
}
}