Stawiam właśnie moje pierwsze kroki ze Spring Security i niestety od razu po dodaniu zależności "spring-boot-starter-security - 2.3.0.RELEASE" i utworzeniu SecurityConfiguration pojawił się problem z zapisywaniem danych do bazy MySQL. Wyłączenie csrf zgodnie z radą którą znalazłem tutaj https://stackoverflow.com/questions/51026694/spring-security-blocks-post-requests-despite-securityconfig nic nie dało. Metoda post w kontrolerze dalej się nie wykonuje. Dodam jeszcze że po skasowaniu zależności i zakomentowaniu SecurityConfiguration dane zapisują się prawidłowo. Czy ktoś może mi powiedzieć gdzie leży problem?
spring.jpa.hibernate.ddl-auto=update
spring.datasource.url=jdbc:mysql://localhost:3306/helpdesksystemdatabase?useTimezone=true&serverTimezone=UTC
spring.datasource.username=*******
spring.datasource.password=*******
package com.projects.helpdeskSystem.configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception{
http.authorizeRequests()
.antMatchers(HttpMethod.POST,"/register").permitAll();
http.csrf().disable();
}
}
package com.projects.helpdeskSystem.controller;
import com.google.gson.Gson;
import com.projects.helpdeskSystem.entity.Customer;
import com.projects.helpdeskSystem.repository.CustomerRepo;
import com.projects.helpdeskSystem.service.CustomerService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class CustomerController {
@Autowired
private CustomerService customerService;
@PostMapping("/register")
public ResponseEntity registerCustomer(@RequestBody String customerJSON){
System.out.println("ok");
Gson gson = new Gson();
Customer customer = gson.fromJson(customerJSON, Customer.class);
customerService.saveCustomer(customer);
return ResponseEntity.ok(HttpStatus.OK);
}
}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.2.7.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.example</groupId>
<artifactId>demo</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>demo</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<version>2.3.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
<version>2.3.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-core</artifactId>
<version>5.4.16.Final</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.20</version>
</dependency>
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
<version>2.8.6</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
Edit: Zgodnie z radą w wątku https://stackoverflow.com/questions/31832148/allow-get-request-but-not-post-request-spring-security/43351607 testuję coś takiego ale na razie niestety bez zmian
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
public void configure(WebSecurity web) throws Exception{
web.ignoring().antMatchers(HttpMethod.POST, "/register/**");
}
}