[英]"status": 403, "error": "Forbidden" "message": "Access Denied" in postman spring boot code
I'm new in spring boot and trying to create authentication app, but after writing it i found an error in postman app :我是 spring boot 的新手,正在尝试创建身份验证应用程序,但是在编写之后我发现 postman 应用程序中出现错误:
"timestamp": "2022-06-18T06:42:20.072+00:00", "status": 403, "error": "Forbidden"
“时间戳”:“2022-06-18T06:42:20.072+00:00”,“状态”:403,“错误”:“禁止”
This is my code :这是我的代码:
i have 2 classes, one in Auth request and another is Auth response and I have a controller for both of them, this is the AuthRequest model :我有 2 个类,一个在 Auth 请求中,另一个是 Auth 响应,我对它们都有一个控制器,这是AuthRequest 模型:
public class AuthRequest {
@Email @Length(max = 50 , min = 5)
private String email;
@Length(max = 50 , min = 2)
private String password;
public AuthRequest(String email ,String password) {
this.email = email;
this.password = password;
}
and this is my Auth response model :这是我的身份验证响应模型:
public class AuthResponse {
private String email ;
private String accessToken;
public AuthResponse(){}
public AuthResponse(String email, String accessToken) {
this.email = email;
this.accessToken = accessToken;
}
This Auth Request controller :此身份验证请求控制器:
@RestController
public class AuthController {
@Autowired
AuthenticationManager authenticationManager;
@PostMapping("/login")
public ResponseEntity<?> login(@RequestBody @Valid AuthRequest authRequest){
try {
Authentication authentication = authenticationManager.authenticate(
new UsernamePasswordAuthenticationToken(authRequest.getEmail(),authRequest.getPassword()));
Employee employee = (Employee) authentication.getPrincipal();
String accessToken = "JWT access token here";
AuthResponse authResponse = new AuthResponse(employee.getEmail(), accessToken);
return ResponseEntity.ok(authResponse);
}catch (BadCredentialsException ex) {
return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
}
}
}
and this is my **config security class** :
@EnableWebSecurity
@CrossOrigin
public class ApplicationSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private IEmployeeRepository employeeRepository;
@Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(username -> employeeRepository.findByEmail(username)
.orElseThrow(() -> new UsernameNotFoundException("User " + username + " not found. ")));
}
@Bean
public AuthenticationManager AuthenticationManagerBean() throws Exception {
return super.authenticationManager();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().and().csrf().disable();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http.authorizeRequests().anyRequest().permitAll();
}
}
and then, I post it to postman and this gave an error message and do not confirm :然后,我将它发布给邮递员,这给出了一条错误消息并且不确认:
The property isDeleted
of the Employee
object returned by the call to employeeRepository.findByEmail(username)
is null and it's defined as not nullable ( boolean
).调用
employeeRepository.findByEmail(username)
返回的Employee
对象的属性isDeleted
为null,并且它被定义为不可为空( boolean
)。
Either return a not null value or change the property's type to Boolean
.返回非空值或将属性的类型更改为
Boolean
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.