Java 403使用带Spring Security的Vaadin的CSRF令牌错误
我试图在vaadin应用程序中实现spring安全性,但我遇到了一个问题,在登录到页面后,它显示了一个错误: {“状态”:403,“错误”:“禁止”,“消息”:“无法验证 提供了CSRF令牌,因为找不到您的会话。“,“路径”:“/”} 我尝试了很多方法,但都不起作用,下面是我的标准安全配置类:Java 403使用带Spring Security的Vaadin的CSRF令牌错误,java,spring,maven,spring-boot,spring-security,Java,Spring,Maven,Spring Boot,Spring Security,我试图在vaadin应用程序中实现spring安全性,但我遇到了一个问题,在登录到页面后,它显示了一个错误: {“状态”:403,“错误”:“禁止”,“消息”:“无法验证 提供了CSRF令牌,因为找不到您的会话。“,“路径”:“/”} 我尝试了很多方法,但都不起作用,下面是我的标准安全配置类: //SecurityConfig.java @Configuration @EnableWebSecurity public class SecurityConfig extends WebSec
//SecurityConfig.java
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user")
.password("password")
.roles("USER");
}
}
控制器类:
//HomeController.java
@RestController
public class HomeController {
@GetMapping("/")
public String index() {
return "Welcome to the home page!";
}
@GetMapping("/error")
public String error(){
return "Error!";
}
}
和瓦丁UI类
//VaadinUI.java
@SpringUI
public class VaadinUI extends UI {
VerticalLayout layout = new VerticalLayout();
com.vaadin.ui.Label label = new com.vaadin.ui.Label("Witaj");
@Autowired
public VaadinUI() {}
@Override
protected void init(VaadinRequest request) {
setContent(layout);
layout.addComponent(label);
}
}
还有我的pom.xml
//pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>example.com</groupId>
<artifactId>LDAPSpringInitializr</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging>
<name>LDAPSpringInitializr</name>
<description>Demo project for Spring Boot</description>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.5.3.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
<vaadin.version>8.0.5</vaadin.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-ldap</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>com.vaadin</groupId>
<artifactId>vaadin-spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>com.vaadin</groupId>
<artifactId>vaadin-bom</artifactId>
<version>${vaadin.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
//pom.xml
4.0.0
example.com
LDAPSPringinitializer
0.0.1-快照
罐子
LDAPSPringinitializer
SpringBoot的演示项目
org.springframework.boot
spring启动程序父级
1.5.3.1发布
UTF-8
UTF-8
1.8
8.0.5
org.springframework.boot
spring引导启动器数据jpa
org.springframework.boot
spring引导启动器数据ldap
org.springframework.boot
弹簧启动安全
com.vaadin
瓦丁弹簧靴起动器
org.springframework.boot
SpringBootStarterWeb
org.postgresql
postgresql
运行时
org.springframework.boot
弹簧起动试验
测试
com.vaadin
瓦丁波姆
${vaadin.version}
聚甲醛
进口
org.springframework.boot
springbootmaven插件
如何在spring security中使用Vaadin?
我想稍后将spring security与LDAP连接。我对Vaadin不太熟悉,但这篇文章建议Vaadin已经提供了CSRF保护,因此您可以通过
@Override
protected void configure(final HttpSecurity httpSecurity) throws Exception {
httpSecurity.csrf().disable();
}
在您的安全配置中。Vaadin与Spring security一起工作!我正在尝试连接LDAP,您好!