Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/spring-boot/5.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java 为什么permitAll()返回403 spring security?_Java_Spring Boot_Spring Security - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java 为什么permitAll()返回403 spring security?

Java 为什么permitAll()返回403 spring security?

java spring-boot spring-security

Java 为什么permitAll()返回403 spring security?,java,spring-boot,spring-security,Java,Spring Boot,Spring Security,我已经创建了一个在数据库中持久保存用户详细信息的方法,并且我还有一个在端点/寄存器中公开的控制器。我想使/register端点对所有人都可用。我使用了spring security,并为/注册终点提供了所有许可 @Configuration @EnableWebSecurity public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter { private final UserDetailsSe

我已经创建了一个在数据库中持久保存用户详细信息的方法,并且我还有一个在端点/寄存器中公开的控制器。我想使/register端点对所有人都可用。我使用了spring security,并为/注册终点提供了所有许可


@Configuration
@EnableWebSecurity
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {

    private final UserDetailsServiceImpl userDetailsService;

    @Autowired
    public WebSecurityConfiguration(UserDetailsServiceImpl userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests(
                request -> request.antMatchers(HttpMethod.POST,"/register").permitAll()
                .anyRequest().authenticated()
            );
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
       return new BCryptPasswordEncoder();
    }
}
有人能解释一下或者帮我解释一下为什么permitAll在我的情况下不工作吗。根据我编写的代码,/register端点应该返回用户详细信息,但它返回403。/register端点是一个rest端点,它将用户详细信息作为输入,并在数据持久化到数据库后返回用户详细信息作为输出

@Slf4j
@RestController
public class RegistrationController {

    private final UserDetailsServiceImpl userDetailsService;

    @Autowired
    public RegistrationController(UserDetailsServiceImpl userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    @PostMapping(value = "/register")
    public ResponseEntity<Users> registerNewUser(@Valid @RequestBody Users users) throws EmailAlreadyExistsException {
        Users usersDetails = userDetailsService.processRegistration(users);
        log.info("{}, Information: Successfully persisted new user",this.getClass().getSimpleName());
        return new ResponseEntity<>(usersDetails,HttpStatus.OK);
    }
}


@Slf4j
@RestController
公共类注册控制器{
私有最终用户详细信息服务impl用户详细信息服务;
@自动连线
公共注册控制器(UserDetailsServiceImpl userDetailsService){
this.userDetailsService=userDetailsService;
}
@后映射(value=“/register”)
public ResponseEntity RegisterNewser(@Valid@RequestBody Users)引发EmailAlreadyExistsException{
Users usersDetails=userDetailsService.processRegistration(用户);
log.info(“{},信息:成功持久化新用户”,this.getClass().getSimpleName());
返回新的ResponseEntity(usersDetails,HttpStatus.OK);
}
}
我猜您是通过curl或postman调用url。然后必须禁用CSRF或使用GET映射

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests(
            request -> request.antMatchers(HttpMethod.POST,"/register").permitAll()
            .anyRequest().authenticated()
        );
}