Spring 找不到预期的CSRF令牌_Spring_Spring Boot_Spring Security_Spring Oauth2

Spring 找不到预期的CSRF令牌

spring spring-boot spring-security

Spring 找不到预期的CSRF令牌,spring,spring-boot,spring-security,spring-oauth2,Spring,Spring Boot,Spring Security,Spring Oauth2,我正在尝试使用以下配置将Spring安全性禁用到最新的Spring云： @Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(securedEnabled = true) @Order(SecurityProperties.DEFAULT_FILTER_ORDER) public class WebSecurityConfigSec extends WebSecurityConfigurerAdapter { @Ov

我正在尝试使用以下配置将Spring安全性禁用到最新的Spring云：

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
@Order(SecurityProperties.DEFAULT_FILTER_ORDER)
public class WebSecurityConfigSec extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable().cors().disable()
                .authorizeRequests().anyRequest().permitAll();
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring()
                .antMatchers("/**");
    }
}

application.yml

spring:
    main:
        allow-bean-definition-overriding: true
security:
    ignored=/**:
    enable-csrf: false

我还试图补充：

@EnableWebSecurity
@Configuration
public class WebSecurityConfig extends
   WebSecurityConfigurerAdapter {

  @Override
  protected void configure(HttpSecurity http) throws Exception {
    http
      .csrf().disable();
  }
}

但它不起作用

我收到错误：

找不到预期的CSRF令牌

18:16:24.537 [boundedElastic-2] DEBUG DefaultWebSessionManager[lambda$createWebSession$3:94] - Created new WebSession.
18:16:24.540 [boundedElastic-2] DEBUG HttpWebHandlerAdapter[traceDebug:91] - [1ffd0a30] Completed 403 FORBIDDEN

您知道如何解决此问题吗？

根据日志

创建新的WebSession

，您的应用程序似乎是被动的。您不能通过扩展

websecurityConfigureAdapter

来配置反应式应用程序中的安全性。看见