HTTP状态405-不支持请求方法"POST".春季安全 [英] HTTP Status 405 - Request method 'POST' not supported. Spring Security
问题描述
我具有Spring MVC的Spring Security.当我尝试注册时,它给了我405个不支持"POST"的信息.我已在安全性配置中禁用了csrf令牌.让我知道我在哪里出了错?
I have Spring Security with Spring MVC. When I try to sign up, it is giving me 405 'POST' not supported. I have disabled csrf token in security config. Let me know where did I go wrong?
我的登录页面:
<#-- @ftlvariable name="error" type="java.util.Optional<String>" -->
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Log in</title>
</head>
<body>
<nav role="navigation">
<ul>
<li><a href="/">Home</a></li>
</ul>
</nav>
<h1>Log in</h1>
<p>You can use: demo@localhost / demo</p>
<form role="form" action="/login" method="post">
<div>
<label for="email">Email address</label>
<input type="email" name="email" id="email" required autofocus/>
</div>
<div>
<label for="password">Password</label>
<input type="password" name="password" id="password" required/>
</div>
<div>
<label for="remember-me">Remember me</label>
<input type="checkbox" name="remember-me" id="remember-me"/>
</div>
<button type="submit">Sign in</button>
</form>
</body>
</html>
授权由LoginController处理:
Authorization is handled by LoginController:
@Controller
public class LoginController {
@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView getLoginPage(@RequestParam Optional<String> error) {
return new ModelAndView("login", "error", error);
}
}
这是我的Spring Security配置类:
Here is my Spring Security configuration class:
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/", "/public/**").permitAll()
.antMatchers("/users/**").hasAuthority("ADMIN")
.anyRequest().fullyAuthenticated()
.and()
.formLogin()
.loginPage("/login")
.failureUrl("/login?error")
.usernameParameter("email")
.passwordParameter("password")
.permitAll()
.and()
.logout()
.logoutUrl("/logout")
.deleteCookies("remember-me")
.logoutSuccessUrl("/")
.permitAll()
.and()
.rememberMe().and().csrf().disable();
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(userDetailsService)
.passwordEncoder(new BCryptPasswordEncoder());
}
}
推荐答案
这很容易解决,您将获得HTTP状态405,这意味着(来自Wiki):
This one is easy to solve, you are getting HTTP status 405 which means (from wiki):
请求的资源不支持请求方法;例如,要求通过POST呈现数据的表单上的GET请求,或只读资源上的PUT请求.
A request method is not supported for the requested resource; for example, a GET request on a form that requires data to be presented via POST, or a PUT request on a read-only resource.
您尝试将表单HTTP POST到处理GET请求的处理程序中.
You trying to HTTP POST a form to a handler which handles GET requests.
只需更改此内容:
@Controller
public class LoginController {
@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView getLoginPage(@RequestParam Optional<String> error) {
return new ModelAndView("login", "error", error);
}
}
为此:
@Controller
public class LoginController {
@RequestMapping(value = "/login", method = RequestMethod.POST)
public ModelAndView getLoginPage(@RequestParam Optional<String> error) {
return new ModelAndView("login", "error", error);
}
}
这篇关于HTTP状态405-不支持请求方法"POST".春季安全的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
