Disable CSRF when using OAuth 2 in Spring Boot - Code World

Disable CSRF when using OAuth 2 in Spring Boot

Others 2020-04-22 20:56:15 views: null

Many examples on the Internet just say to call http.csrf (). disable (), but this will eventually disable all authentication (causing the authentication subject to be null forever).

This is how to disable CSRF protection of REST services without disabling all authentication when using Spring Boot.

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().authenticated()
            .and().oauth2Login()
            .and().csrf().disable();
    }
}

from: https://dev.to//jbaranski/disable-csrf-while-using-oauth2-in-spring-boot-3hcm

Published 0 original articles · liked 0 · visits 657

Private letter concerns

Guess you like

Origin blog.csdn.net/cunxiedian8614/article/details/105691062

Disable CSRF when using OAuth 2 in Spring Boot

Spring Boot 2.0.3 Oauth2 Security: Getting 401 error even when using access token in header

What is the reason to disable csrf in spring boot web application?

How to disable csrf in Spring using application.properties?

How to disable security in Spring-Boot 2?

An issue with Spring Boot and OAuth2 Tutorials

Spring Boot OAuth2 Quickstart Example

Points to note when using @SessionAttributes in Spring boot

Отключить CSRF при использовании OAuth 2 в Spring Boot

Spring Security +Oauth2 +Spring boot dynamically define permissions

Spring Boot 2 Actuator /health endpoint not showing additional info when using authentication

How to disable ErrorPageFilter in Spring Boot?

Spring Boot Disable /error mapping

Spring Boot 2 and migrating OAuth2 configuration

Combining Oauth2 with formlogin and actuator security in Spring Boot

Spring Boot OAuth2 Single Sign Off (Logout)

CSRF attack and prevention in Spring Boot

Customize auth error from Spring Security using OAuth2

Spring Boot - Rest Controller is returning empty object when using Lombok

Enabling Hystrix leads to NullPointerException when using kotlin with spring-boot

How to exclude a @Configuration class when using @WebMvcTest with spring-boot?

Spring Boot OAuth Always redirecting to HTTP (IBM Cloud CF + Spring Boot 2)

How to disable `@EnableKafka` in Spring Boot tests?

How disable scanning @Configuration class in Spring boot

How to disable console logging in spring-boot?

Learning Spring Security (8): Using Spring Security OAuth2 to achieve single sign-on

Spring Boot spring.datasource.data when using a data file can not be found

spring boot using jwt

Using RocketMQ in Spring Boot

Spring OAuth2 with JWT - Cannot convert access token to JSON When Separating Auth and Resource Servers

Recommended

Ranking

error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘

Database migration between Navicat servers

Minimum number of rotation of the array: Array

balenaEtcher for mac (make a boot disk software) v1.5.67

Custom processing serialization and deserialization in jackson

Mu-en-mask system development software

Mastering Regular Expressions

Find mileage Java--

Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions

[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite

Daily

More

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)