Spring Security does not allow anonymous (anonymous) access to the Post interface (403) - Code World

Spring Security does not allow anonymous (anonymous) access to the Post interface (403)

Enterprise 2023-06-19 06:29:45 views: null

Problem background: The system exposes the interface to the outside world, the interface path is configured with anonymous access (anonymous), the Get request can be accessed normally, and the Post request reports an error 403 or directly jumps to the login page.

Solution: Turn off CSRF in SecurityConfig

httpSecurity.csrf().disable()

The above problem was solved, but a new problem appeared when the front end called.

Problem background: The front end transfers the token to call the anonymous interface, and reports an error 403, but it can be accessed normally without passing the token.

Reason: anonymous allows anonymous access, passing the token is not anonymous, so it cannot be accessed.

Solution: Change anonymous to permitAll.

Final configuration:

The configurable permission types of Spring Security are attached, as follows:

Guess you like

Origin blog.csdn.net/secretdaixin/article/details/128955214

Spring Security does not allow anonymous (anonymous) access to the Post interface (403)

How to allow anonymous user access from localhost only in Spring security?

Shiro framework interface anonymous access settings are invalid/return 403 pit

Understanding the difference of permitAll() and anonymous() in Spring Security

The spring boot integration spring security access interface does not respond

openldap prohibit anonymous access

SpringSecurity anonymous user access

vsftp anonymous access settings

Anonymous access to Samba on Linux

Rsync anonymous access vulnerability

Configure to allow anonymous users to log in to access the vsftpd service, upload and download documents, create and delete documents, etc.

Configure to allow anonymous users to log in to access the vsftpd service, upload and download documents, create and delete documents, etc.

Annotation method realizes release of Spring Security anonymous port and pits encountered

Spring Security integrated knife4j access interface document appears 403

ftp anonymous user access patterns

Access method of outer anonymous class from inner anonymous class

Spring Stomp SimpUserRegistry Anonymous Users

Ashmem anonymous shared memory subsystem analysis of Android system (3) - C/C++ access interface of Ashmem subsystem

Ashmem anonymous shared memory subsystem analysis of Android system (2) - Ashmem access interface of runtime library cutils

Spring security - creating 403 Access denied custom response

[Linux] Ubuntu16.04 ftp anonymous access

Kepware opens opcua anonymous access service

Pure-FTPd turns off anonymous access

Add anonymous access to FTP sites in IIS 7

Android Java Anonymous Shared Memory Interface Analysis

How to create an instance of anonymous interface in Kotlin?

Spring Security出现403，org.springframework.security.access.AccessDeniedException: Access is denied

Anonymous subclass

Anonymous variable

Anonymous function

Recommended

TIOBE May list: Fortran “resurrected” into Top 10

GCC 14.1 released

Ranking

B. Little Girl and Game【1300 / 回文字符串博弈论】

CIKERS Shane 20190613

"Javascript advanced programming" study notes - the constructor and prototype

beeline hiveserver2 start

springboot - Automatically backup mysql data every day

Data Storage Full Solution--Detailed Persistence Technology

Detailed Explanation of Spring Web MVC DispatcherServlet—Official Original

TCP / IP protocol layers structure and function

Command type literal pos: unknown； Fallback type literal pos: unknown] with root cause

Design of multifunctional curtain controller with indoor anti-theft alarm

Daily

More

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)

2024-05-02(0)

2024-05-01(4)

2024-04-30(36)

2024-04-29(5)