0

我有Spring MVC的Spring Security。當我嘗試註冊時,它給了我405'POST'不被支持。我在安全配置中禁用了csrf令牌。讓我知道我哪裏錯了?HTTP狀態405 - 不支持請求方法'POST'。 Spring Security

我的登錄頁面:

<#-- @ftlvariable name="error" type="java.util.Optional<String>" --> 
<!DOCTYPE html> 
<html lang="en"> 
<head> 
<meta charset="utf-8"> 
<title>Log in</title> 
</head> 
<body> 
<nav role="navigation"> 
<ul> 
    <li><a href="/">Home</a></li> 
</ul> 
</nav> 

<h1>Log in</h1> 

<p>You can use: [email protected]/demo</p> 

<form role="form" action="/login" method="post"> 
<div> 
    <label for="email">Email address</label> 
    <input type="email" name="email" id="email" required autofocus/> 
</div> 
<div> 
    <label for="password">Password</label> 
    <input type="password" name="password" id="password" required/> 
</div> 
<div> 
    <label for="remember-me">Remember me</label> 
    <input type="checkbox" name="remember-me" id="remember-me"/> 
</div> 
<button type="submit">Sign in</button> 
</form> 
</body> 
</html> 

授權由LoginController中處理:

@Controller 
public class LoginController { 

@RequestMapping(value = "/login", method = RequestMethod.GET) 
public ModelAndView getLoginPage(@RequestParam Optional<String> error) { 
    return new ModelAndView("login", "error", error); 
} 
} 

這裏是我的春季安全配置類:

@Configuration 
@EnableGlobalMethodSecurity(prePostEnabled = true) 
public class SecurityConfig extends WebSecurityConfigurerAdapter { 

@Autowired 
private UserDetailsService userDetailsService; 

@Override 
protected void configure(HttpSecurity http) throws Exception { 
    http.authorizeRequests() 
      .antMatchers("/", "/public/**").permitAll() 
      .antMatchers("https://stackoverflow.com/users/**").hasAuthority("ADMIN") 
      .anyRequest().fullyAuthenticated() 
      .and() 
      .formLogin() 
      .loginPage("/login") 
      .failureUrl("/login?error") 
      .usernameParameter("email") 
      .passwordParameter("password") 
      .permitAll() 
      .and() 
      .logout() 
      .logoutUrl("/logout") 
      .deleteCookies("remember-me") 
      .logoutSuccessUrl("/") 
      .permitAll() 
      .and() 
      .rememberMe().and().csrf().disable(); 
} 

@Override 
public void configure(AuthenticationManagerBuilder auth) throws Exception { 
    auth 
      .userDetailsService(userDetailsService) 
      .passwordEncoder(new BCryptPasswordEncoder()); 
} 
} 

回答

-1

這一個很容易解決,您將獲得HTTP狀態405,這意味着(來自wiki):

所請求的資源不支持請求方法;例如,需要通過POST呈現數據的表單上的GET請求,或只讀資源上的PUT請求。

您試圖HTTP POST表單處理GET請求的處理程序。

只要改變這一點:

@Controller 
public class LoginController { 
@RequestMapping(value = "/login", method = RequestMethod.GET) 
public ModelAndView getLoginPage(@RequestParam Optional<String> error) { 
    return new ModelAndView("login", "error", error); 
} 
} 

要這樣:

@Controller 
public class LoginController { 

@RequestMapping(value = "/login", method = RequestMethod.POST) 
public ModelAndView getLoginPage(@RequestParam Optional<String> error) { 
    return new ModelAndView("login", "error", error); 
} 
} 
相關問題