Spring security Spring Security 5登录时返回403
我正在评估Spring5(MVC)和SpringSecurity5。 当我发布自定义表单中的用户名和密码时,我会得到403返回码。 使用instead of或Spring默认登录表单时,一切正常 这里是我的applicationContext-security.xmlSpring security Spring Security 5登录时返回403,spring-security,Spring Security,我正在评估Spring5(MVC)和SpringSecurity5。 当我发布自定义表单中的用户名和密码时,我会得到403返回码。 使用instead of或Spring默认登录表单时,一切正常 这里是我的applicationContext-security.xml <?xml version="1.0" encoding="UTF-8"?> <b:beans xmlns="http://www.springframework.org/schema/security"
<?xml version="1.0" encoding="UTF-8"?>
<b:beans xmlns="http://www.springframework.org/schema/security"
xmlns:b="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<http auto-config='false' use-expressions="true">
<intercept-url pattern="/assets/**" access="isAnonymous() or hasRole('ROLE_USER')" />
<intercept-url pattern="/pages/**" access="isAnonymous() or hasRole('ROLE_USER')" />
<intercept-url pattern="/index.do**" access="isAnonymous() or hasRole('ROLE_USER')" />
<intercept-url pattern="/app2/**" access="isAnonymous() or hasRole('ROLE_USER')" />
<intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
<form-login login-page="/index.do#/login"
login-processing-url="/login"
default-target-url="/index.do"/>
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="user" password="password" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
在您的请求中包含
csrf
令牌,确保您的页面中有该令牌。就这样。非常感谢!在您的请求中包括csrf
令牌,确保您的页面中有该令牌。就这样。非常感谢!